trovas.ch Open in urlscan Pro
3.126.196.163  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1

Request Chain 85

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgerQoXRWbAfy0KPqlXcgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1

Request Chain 86

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1

Request Chain 87

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D

Request Chain 133

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1

Request Chain 134

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgerQoXRWbAfy0KPqlXcgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1

Request Chain 135

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1

Request Chain 136

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1

Request Chain 138

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgerQoXRWbAfy0KPqlXcgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1

Request Chain 139

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1

Request Chain 140

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D

Request Chain 202

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFIVni3vVOIkYyOX8-LdcnU&google_cver=1 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFIVni3vVOIkYyOX8-LdcnU&google_cver=1

Request Chain 203

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdlYzQ5MjgtMTFjYi0yNDY5LWQzYTctMGQyOTY3ZWQxMjg4

Request Chain 204

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESEBCVk5zHvB2HXCVGitPQ41o&google_cver=1

Request Chain 205

• https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzA3OTAzMDY5YWQxMGFiOGYwNmFmZmQwYWE2NGI2MjQyOGQxNjdiMg==

Request Chain 218

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBj6PrKIytywLXAbsD5qzuo&google_cver=1&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7wsCYUeAUxWiGzBei HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBj6PrKIytywLXAbsD5qzuo&google_cver=1&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7wsCYUeAUxWiGzBei HTTP 302
• https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
• https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819619990085727&expires=30&ssp=google HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7wsCYUeAUxWiGzBei&google_hm=Ev4mJ4P2Q3yrrCmH2JEvhg==

Request Chain 219

• https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESELy3pHz-jZf_YqXrDexljms&google_cver=1&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-r6Z9k43r HTTP 301
• https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESELy3pHz-jZf_YqXrDexljms&google_cver=1&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-r6Z9k43r HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-r6Z9k43r

Request Chain 220

• https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEHPd6rssfq5I7fUsKJRLfgE&google_cver=1&google_push=AQvitUIDkY8Hu60o8P9-kM9kvqvGgiiFjxCGy0LwGeOT6NMTFKgj3FJ5eO7tjKTOR5IcdA8xv3GWW2WlTn13YRvQ4pxaB44I9bk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIDkY8Hu60o8P9-kM9kvqvGgiiFjxCGy0LwGeOT6NMTFKgj3FJ5eO7tjKTOR5IcdA8xv3GWW2WlTn13YRvQ4pxaB44I9bk&google_hm=QWNYMlFKWnExU3dsRkhac2lFd0FZelE=

Request Chain 221

• https://rtb.openx.net/sync/dds?google_gid=CAESECQnaKpkXnAPzBvj6kCEJUY&google_cver=1&google_push=AQvitUJ5VlbV7EAhWwiwq4bwnzcEchkWcUxi68Q1pRs7STeGn3RlsRoXFxQBh-jeTf7zAsSAt_SN0N2D-dD8H6DZ5Mmd6GHK7VH7 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ5VlbV7EAhWwiwq4bwnzcEchkWcUxi68Q1pRs7STeGn3RlsRoXFxQBh-jeTf7zAsSAt_SN0N2D-dD8H6DZ5Mmd6GHK7VH7&google_hm=hNUQ3nE6w-MgMxsnfhbmUg==

Request Chain 223

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGiscWBihNEtP66JU28KO2I&google_cver=1&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnzJOfjcBP2STU HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGiscWBihNEtP66JU28KO2I&google_cver=1&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnzJOfjcBP2STU&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnzJOfjcBP2STU&google_hm=a672f2f740745ea6045d6635

Request Chain 224

• https://cs.media.net/cksync?type=g&google_gid=CAESENYSiABaIJr03DPsB-JT7Zk&google_cver=1&google_push=AQvitUK7vMqnNs6xUdPchkuSEUndss01T8bZWe8ku1D08z5L0KVCzT-8NTD6uSj07i6RodJx2b_9pyhlEUT5ZEA93_2D1ogKNLrP HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&mn_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK7vMqnNs6xUdPchkuSEUndss01T8bZWe8ku1D08z5L0KVCzT-8NTD6uSj07i6RodJx2b_9pyhlEUT5ZEA93_2D1ogKNLrP&gdpr=&gdpr_consent=

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response trovas.ch/	100 KB 25 KB	299ms 216ms	Document text/html	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 86078d0c5232e70f82e9336461d14b0ae3b37c2a106958c7822a1a1958d20c69 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :method GET :authority trovas.ch :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control max-age=0, must-revalidate, no-cache, no-store content-encoding br content-type text/html; charset=UTF-8 date Fri, 21 May 2021 20:57:13 GMT display pub_site_sol expires Thu, 20 May 2021 20:57:13 GMT pagespeed off pragma no-cache response 200 server nginx/1.16.0 set-cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; path=/ ezoadgid_174954=-1; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 21:27:13 UTC ezoref_174954=; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 22:57:13 UTC ezoab_174954=mod1; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 22:57:13 UTC active_template::174954=pub_site.1621630633; Path=/; Domain=trovas.ch; Expires=Sun, 23 May 2021 20:57:13 UTC ezopvc_174954=1; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 21:27:13 UTC ezepvv=201; Path=/; Domain=trovas.ch; Expires=Sat, 22 May 2021 20:57:13 UTC ezovid_174954=1886764198; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 21:27:13 UTC lp_174954=https://trovas.ch/; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 21:27:13 UTC ezovuuidtime_174954=1621630633; Path=/; Domain=trovas.ch; Expires=Sun, 23 May 2021 20:57:13 UTC ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; Path=/; Domain=trovas.ch; Expires=Fri, 21 May 2021 21:27:13 UTC ezCMPCCS=true; Path=/; Domain=trovas.ch; Expires=Sat, 21 May 2022 20:57:13 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Accept-Encoding x-middleton-display pub_site_sol x-middleton-response 200 x-powered-by PHP/7.4.18 x-sol pub_site
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	62 KB 21 KB	67ms 65ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash ca8c1efd9dc154fef114ff966d0ee608322c1770a66601c87eb51681c5283efd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "879 / 186 of 1000 / last-modified: 1621626160" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21322 x-xss-protection 0 expires Fri, 21 May 2021 20:57:13 GMT
GET H2	200	dall.js Show response go.ezodn.com/hb/	281 KB 82 KB	292ms 256ms	Script application/javascript	2606:4700:3032::ac43:b890 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,luponmedia,medianet,oftmedia,pubmatic,pulsepoint,rhythmone,rubicon,unruly&cb=194-4-19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:b890 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fef0684fd5eac3afacce05d36893b2eaaefbdfdd538296dde779afbfc9b548f Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NF9XCpgBOwkHSoXFwlyIgbDea0nYbkVkhzHzacRNrhs71svLB5cbsXnOo47gx6t0F63hneQ%2B4P3BagzeGaj56fJtBI66NtRJ7LaYZk7bstptRk2bbS3Vt3A%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 6530b7426a532bc6-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a3250dd8200002bc63092c000000001
GET H2	404	/ trovas.ch/ezoimgfmt/can01.anibis.ch/	183 B 183 B	994ms 993ms	Image text/html	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/ezoimgfmt/can01.anibis.ch/?1024x768%2F3%2F60%2Fanibis%2F933%2F849%2F038%2FCRod-17-wUShy6bKlobjpw_1.jpg=&ezimgfmt=ng%3Awebp%2Fngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 2627ae4be4fe77884d40a877d92b3fc65f7a024554b5ceda10764fea6281289a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /ezoimgfmt/can01.anibis.ch/?1024x768%2F3%2F60%2Fanibis%2F933%2F849%2F038%2FCRod-17-wUShy6bKlobjpw_1.jpg=&ezimgfmt=ng%3Awebp%2Fngcb4 pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:14 GMT content-encoding br x-content-type-options nosniff x-sol pub_site display staticcontent_sol x-middleton-display staticcontent_sol strict-transport-security max-age=31536000; includeSubdomains; preload content-length 121 pagespeed off response 404 server nginx/1.16.0 x-frame-options DENY vary Accept-Encoding Origin,Accept-Encoding content-type text/html x-middleton-response 404 expires Thu, 20 May 2021 20:57:14 GMT
GET H2	200	/ trovas.ch/	2 KB 751 B	91ms 90ms	Stylesheet text/css	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/?ff=1&pI=style.css&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 6f0cee03cafba12a1684d4f70f2c7c1d9c3534e28c3b200e618657234b23a793 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /?ff=1&pI=style.css&wps=true pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol pub_site display staticcontent_sol, staticcontent_sol x-powered-by PHP/7.4.18 x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 content-length 593 pragma no-cache response 200 server nginx/1.16.0 strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	style.css trovas.ch/	15 KB 4 KB	86ms 85ms	Stylesheet text/css	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/style.css?ff=1&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash ffcc632ac20394b6d29315f30b7f8672b1fbdf38f70e129857d1bef673d45e2a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /style.css?ff=1&wps=true pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol orig display staticcontent_sol, orig_site_sol x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3800 response 200 last-modified Mon, 10 May 2021 21:42:43 GMT server nginx/1.16.0 etag "3af8-5b452638c2480-gzip-gzip" strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css cache-control max-age=604800 expires Fri, 28 May 2021 20:57:13 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	88 KB 35 KB	25ms 18ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 14d6960b44886cba9d7d73aca6c86855dc36a5cf8d96cca6e504894a09741543 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35742 x-xss-protection 0 last-modified Fri, 21 May 2021 20:04:42 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 May 2021 20:57:13 GMT
GET H2	200	banger.js Show response trovas.ch/porpoiseant/	43 KB 10 KB	39ms 32ms	Script application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 6479a7112fd3ba54336deaf72ae4beb06258c65426d5e29d02ae524bbf18d600 Request headers :path /porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET H/1.1	200 OK	/ can01.anibis.ch/	116 KB 117 KB	175ms 49ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/133/850/038/KY6UQoj54UuiTnMIulilJg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 3a92c09141bbbbf1041f6009fce0073b720906ecb65716bfb2986a2d51aab2e7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	19 KB 19 KB	186ms 54ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/032/850/038/u2j9pCcJqUCMckAjuSextQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 2471e5057f2409a535e70bf3f30a25814c70b92f08fd49fd8740ab6dea990ade Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	139 KB 139 KB	189ms 58ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/967/849/038/2sqR3KPxwkeBifvTwmC7YQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash de7dd7e263ec6058da6a80b2bdba85e8df891c9fa529a26fd27bcbd1c6211a53 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	61 KB 61 KB	190ms 58ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/065/850/038/pKe7ckiWb0-tlZU4Dej6bQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash d994c1f93e70966638f38444c9d1950734104a175d780d5534f45a3b6fec19be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	40 KB 41 KB	191ms 59ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/890/849/038/fEPKPLEbA0assE21jVcyFA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash ed987acc93f86ad5cfbbe8e7fd98a0ecb6d303d31bf09be52ebc0ad0b231a053 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	28 KB 29 KB	192ms 58ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/895/849/038/wWkLraCmWEyXVFCTE9gnpw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash d6ab03a0e05de9ad9de89363b4ff81198d45deb26da260a09a462a2324e27a6b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	66 KB 67 KB	74ms 73ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/787/849/038/JIZFXdg88EmFTkGWZzVqHQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 258f8fde56bfa74732b92e8a8cfe050d3f9770f6bd90afe1381bc559aad939f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	66 KB 67 KB	57ms 57ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/777/849/038/NltHRRdPHUebpkffa-nu5Q_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 1c796200522151b609914aff5f71e78d7a1f3448dde2fe69bb610caf53aed86d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	66 KB 67 KB	42ms 41ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/127/850/038/cmdLphnKtUih7UUXhrOnlA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 0d0000a3e19128e37d7067572a099b90bb144f2ec214befc657f88342532002e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	16 KB 17 KB	46ms 39ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/100/850/038/Y_5s0n6d7kmWmElzrd6bLg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 8805347d0c1fecddf154127d5966978d3aeaa3b4ac4729255e8f96845e65d3a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	81 KB 82 KB	40ms 39ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/003/850/038/VcKSy1A4ZECNJFjI7DL9uQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 637bbd2a639a5386747f31446954a282dcff199e64aa3ffb18e175b41a83bfa7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	155 KB 155 KB	74ms 66ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/846/849/038/yqjyZdKOGkiiTOZpk5Pz_Q_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 6e6a50e91a05278f2fd5a97907ecbb6ca521a012bc78bad9313e5e5288c58100 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	36 KB 37 KB	44ms 44ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/139/850/038/J3gAiJ-Q7UCiGQIGTH9-SQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 67c6c9150f584db955c47442dfab63645ba4088f098520eab86d5c984d061abe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	51 KB 52 KB	46ms 46ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/702/849/038/JCWezbtD-UG8uhUE0ApVDw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 5a25d04386b5288edd5b8104d8a2832e2342a6989b4b8daeecee280a561f6251 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	111 KB 111 KB	45ms 45ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/877/849/038/xWY-6MP4XUavfsI9QjRqTw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash cc1d4876ae1124223bc5dee6c35f7a62a688e113009790cd2dc5b44ff59e2242 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	7 KB 7 KB	36ms 35ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/496/849/038/TKh5kUZxLEKPppgmQWoaTA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 0c041830824fc121ae558c25bf89908fcbac092acf8b15548a4bd8957bba4406 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	31 KB 31 KB	49ms 47ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/941/849/038/pD_lkkIqiUapk8lZRb-9dg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 1a7d869c7d0417b85de5e275e4f4c2b5db14be11a54dffcda5024dbb6bb98305 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	32 KB 32 KB	41ms 40ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/117/850/038/S2JctKy8MkaQGr1-YgzDdA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 762ab0044380b7072aa80459fe012e9bf3ff3da03bafb1be4fca366108a1c72d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:14 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Fri, 28 May 2021 20:57:14 GMT
GET H3-29	200	pubads_impl_2021051801.js Show response securepubads.g.doubleclick.net/gpt/	308 KB 108 KB	103ms 66ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash 77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 May 2021 08:37:05 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 110938 x-xss-protection 0 expires Fri, 21 May 2021 20:57:13 GMT
GET H2	200	ezosuigeneris.js Show response g.ezoic.net/	555 B 562 B	111ms 33ms	Script text/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigeneris.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 1367af456fd5db41b5b4130edd6b2c208ce6092c6153a44460c8318be8c83b91 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br last-modified Mon, 10 May 2021 21:42:43 GMT server nginx/1.16.0 etag d3561d1140f1100c8077c93169e8fc07 vary Accept-Encoding, Accept-Encoding content-type text/javascript cache-control max-age=999999, private content-length 276 expires Mon, 29 Apr 2020 21:44:55 GMT
GET H2	200	cmb.js Show response trovas.ch/detroitchicago/	122 KB 32 KB	44ms 42ms	Script application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash a276d4724837c03b1898030bd17a57a6d5cae74b171ce505df55bd38806a0e74 Request headers :path /detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b112735cd560ccdafebb2cb9f6a66efb65e00721265a1ffab0ca3341105983d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5dabda3c6f0eb9c30d61aeaac42d50d81e247093f88bf51db72d7e97c6dea1b8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 774ccf1a7033950e23c7f32b21b95d0b25d60427d63ff4abb0050b089a1b5612 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ccc7ebc03de97d3d5124df7c3708766b7cde0a28587b60f2b714b557fd13956f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	i3.png trovas.ch/img/	3 KB 4 KB	49ms 46ms	Image image/webp	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/style.css?ff=1&wps=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 2c3b7b288c8d0fa45fe3520a694e0b788a17036cdd4e27327fd3d6fc7d9d6ce3 Request headers :path /img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/style.css?ff=1&wps=true :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/style.css?ff=1&wps=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br age 29368 x-amzn-requestid ed975c84-4584-4461-a536-56a9f06c939e x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id frfNqFsNoAMFdKQ= content-length 3454 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a7abf0-1d468c94105999a74052d77a;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id bKNfodaW8gYlntinWqJh8dtU8UPsJBRemhRFe4G9080mNWddtjeP4w==
GET H2	200	houston.js Show response trovas.ch/detroitchicago/	3 KB 1 KB	33ms 31ms	Script application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/houston.js?gcb=4&cb=36 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa Request headers :path /detroitchicago/houston.js?gcb=4&cb=36 pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex content-length 1163
GET H2	200	imp.gif Show response trovas.ch/detroitchicago/	43 B 128 B	35ms 34ms	XHR image/gif	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%221%2C1%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Paris%22%2C%22country%22%3A%22FR%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22e96cff91-0ec2-4227-56be-55da4e1ae162%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2293200%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36447%2C%22response_time_orig%22%3A35%2C%22serverid%22%3A%2218.185.93.27%3A31619%22%2C%22state%22%3A%2275%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22t_epoch%22%3A1621630633%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1258%2C%22worst_bad_word_level%22%3A0%7D Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers :path /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%221%2C1%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Paris%22%2C%22country%22%3A%22FR%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22e96cff91-0ec2-4227-56be-55da4e1ae162%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2293200%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36447%2C%22response_time_orig%22%3A35%2C%22serverid%22%3A%2218.185.93.27%3A31619%22%2C%22state%22%3A%2275%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22t_epoch%22%3A1621630633%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1258%2C%22worst_bad_word_level%22%3A0%7D pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding Accept-Encoding content-type image/gif x-middleton-display imp_sol cache-control no-cache, no-store, must-revalidate, max-age=0 content-length 47
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 9 KB	27ms 7ms	Script application/javascript	2620:116:800d:21:f916:5049:f87f:108e AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding gzip etag "WhyxmPkT7L77qVDcrjxwGw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Fri, 28 May 2021 20:57:13 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	ezosuigenerisc.js Show response g.ezoic.net/	0 54 B	34ms 33ms	Script text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigenerisc.js?nogen=1 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT cache-control max-age=300, private server nginx/1.16.0 content-length 0 vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	nmash.js trovas.ch/porpoiseant/	33 KB 9 KB	34ms 33ms	Other application/javascript	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/nmash.js?v=19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd Request headers :path /porpoiseant/nmash.js?v=19 pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode same-origin accept */* cache-control no-cache sec-fetch-dest worker :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br last-modified Mon, 10 May 2021 21:42:43 GMT server nginx/1.16.0 etag "854d-5c200a84d9ac0;5c200a84d9ac0-gzip" vary Accept-Encoding Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 5237 date Fri, 21 May 2021 19:29:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Fri, 21 May 2021 21:29:56 GMT
GET H2	200	tr.jpg trovas.ch/img/	4 KB 4 KB	61ms 58ms	Image image/webp	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/tr.jpg?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 9c966e431778c1dcb42ef3389115f209f07d8d04bf0b221504425fc81159dafc Request headers :path /img/tr.jpg?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br age 27179 x-amzn-requestid c0633dd6-43d4-4f46-84b0-1bd4676350d4 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id frkjsHFsIAMFgEA= content-length 3656 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a7b47d-2febbf5f1fb31be21c58714d;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id jvFM-15OqOMWt8rblxp4q4oSd_2GAcv9dmPfEODWXRsgoiPFuDpOJg==
GET H2	200	arr.png trovas.ch/img/	3 KB 3 KB	47ms 46ms	Image image/webp	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/arr.png?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash f3d9b11f0214ef1686c1e744aac68cdb7f00d0fca136bc211c4fe42290d1c797 Request headers :path /img/arr.png?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT content-encoding br age 34223 x-amzn-requestid e41beecc-beec-4c3b-8dd5-b75d274f70e5 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id frTXCGJ6IAMFzaw= content-length 3180 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60a798f9-1646144f50f926545c407028;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id EX-JGQx4weoUBOrEuMQCvj3kkRiiVHTS5bG7EQr5ywsb5cT-C0UdxA==
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 104 B	31ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6ImQzNTYxZDExNDBmMTEwMGM4MDc3YzkzMTY5ZThmYzA3In1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6ImQzNTYxZDExNDBmMTEwMGM4MDc3YzkzMTY5ZThmYzA3In1dfV0= pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=d3561d1140f1100c8077c93169e8fc07 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:13 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:13 UTC
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	34ms 16ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2007784825&t=pageview&_s=1&dl=https%3A%2F%2Ftrovas.ch%2F&ul=en-us&de=UTF-8&dt=Dein%20Gratis%20Inserate%20und%20Kleinanzeigen%20Marktplatz%20-%20trovas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1754195738&gjid=444738315&cid=1461951090.1621630634&tid=UA-4377331-90&_gid=477123547.1621630634&_r=1&gtm=2ou5c1&z=1298418201 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 21 May 2021 20:57:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://trovas.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rules-p-31iz6hfFutd16.js Show response rules.quantcount.com/	3 B 428 B	28ms 10ms	Script application/javascript	2600:9000:211e:5e00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-31iz6hfFutd16.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:5e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 22:04:36 GMT via 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront) age 82358 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 19:50:24 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop FRA56-C2 accept-ranges bytes x-amz-cf-id lWS5q_LsezD1uSNoet7xolsY8EovoK_KX51dD0pYa9tixF7FXEnWJg==
GET H2	200	pixel;r=1381616166;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-853942528-1621630633744;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d... pixel.quantserve.com/	35 B 371 B	15ms 11ms	Image image/gif	2620:116:800d:21:f916:5049:f87f:108e AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1381616166;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-853942528-1621630633744;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=trovas.ch;je=0;sr=1600x1200x24;dst=1;et=1621630633744;tzo=-120;ogl=image.https%3A%2F%2Ftrovas%252Ech%2Fimg%2Ftr%252Ejpeg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:13 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.fr/adsid/	107 B 799 B	37ms 15ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.fr/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:14 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:14 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 275 B	610ms 610ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783143210997630&correlator=4421995840021090&output=ldjh&impl=fifs&eid=31060853%2C31060925&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x250%2C300x250%2C300x250&prev_scp=a%3D%257C251%257C%26iid14%3D1309709%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1309709%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D90%26br2%3D46%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C873%7Ca%3D%257C3%257C%26iid14%3D1309709%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1309709%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D90%26br2%3D46%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C873%7Ca%3D%257C5%257C%26iid14%3D1309709%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1309709%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D90%26br2%3D46%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C873&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621630634&dt=1621630634050&dlt=1621630633307&idt=344&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C639%2C962&adys=171%2C171%2C171&adks=840336167%2C3122676339%2C3122676338&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250%7C323x250%7C323x250&msz=323x250%7C323x250%7C323x250&ga_vid=1461951090.1621630634&ga_sid=1621630634&ga_hid=2007784825&ga_fc=false&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 235de0db3e3cbfe8dfcbe27dceaefa7784b07404148b068146900dbc8f4a22ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:14 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 245 x-xss-protection 0 google-lineitem-id -2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/	0 0	48ms 14ms	Other text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/	0 0	6ms 6ms	Other text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 275 B	548ms 546ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783143210997630&correlator=4400871680525038&output=ldjh&impl=fifs&eid=31060853%2C31060925&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=a%3D%257C3%257C%26iid14%3D1330127%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-1330127%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C131%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621630634&dt=1621630634063&dlt=1621630633307&idt=344&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1461951090.1621630634&ga_sid=1621630634&ga_hid=2007784825&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 6100d00513e930501b678cd0aefb1b42896f15553c568566bc4479ab699eca42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:14 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 245 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 42 B	31ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjgzIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMDAifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjIxIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIwNCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjIwNSJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMDc4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNDg0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI0ODQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjgzIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMDAifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjIxIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIwNCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjIwNSJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMDc4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNDg0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI0ODQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0= pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=d3561d1140f1100c8077c93169e8fc07; _ga=GA1.2.1461951090.1621630634; _gid=GA1.2.477123547.1621630634; _gat_gtag_UA_4377331_90=1; __qca=P0-853942528-1621630633744; ezux_lpl_174954=1621630634403|e96cff91-0ec2-4227-56be-55da4e1ae162|false; __gads=ID=473668093bfddf44-22c0c20719c80065:T=1621630634:S=ALNI_MZWVGjmenmBx_bw4JcrwWquDmIdHQ accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:14 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:14 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	30ms 29ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTMwNSJ9XX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTYzMDYzMywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTMwNSJ9XX1d pragma no-cache cookie PHPSESSID=qda5p62qtgneeehq89351l1koc; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621630633; ezopvc_174954=1; ezepvv=201; ezovid_174954=1886764198; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621630633; ezovuuid_174954=4cdfd45f-1ae0-4caa-4b67-83f915570bd6; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; ezosuigeneris=d3561d1140f1100c8077c93169e8fc07; _ga=GA1.2.1461951090.1621630634; _gid=GA1.2.477123547.1621630634; _gat_gtag_UA_4377331_90=1; __qca=P0-853942528-1621630633744; ezux_lpl_174954=1621630634403|e96cff91-0ec2-4227-56be-55da4e1ae162|false; __gads=ID=473668093bfddf44-22c0c20719c80065:T=1621630634:S=ALNI_MZWVGjmenmBx_bw4JcrwWquDmIdHQ accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:14 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:14 UTC
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 8 KB	37ms 17ms	XHR application/json	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051801&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7a514d416067ee14c7b9be22c11db03b337bd256dc914edd59e08aca29e34d29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:14 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8171 x-xss-protection 0
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:14 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 21 May 2021 20:57:14 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 90FC	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 21 May 2021 20:28:52 GMT expires Sat, 21 May 2022 20:28:52 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1702 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response pagead2.googlesyndication.com/bg/ Frame 90FC	14 KB 6 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:32:37 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 30277 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5790 x-xss-protection 0 expires Sat, 21 May 2022 12:32:37 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	40ms 40ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051801&jk=2783143210997630&bg=!OzilOHzNAAZ7hX_Ue4U7ACkAdvg8Wt6LadPsW0NQ7JPDnDZyyeHTjIf6yktJmfOiTEl7zgItDNQcfgIAAABWUgAAAAloAQeZAkPOv3_GXiEnmnY0OwvEF5-9ZS_RToqtWIycgqIRjav8n6OL19Vlyizr3DMkfQOOshqaSw2ggw20gPZuA5QlVpSEBqojQvpKieHBIql4twQ2zTicWw0vr_LduAT1CsAgyFJhYjLCK9sWRluVCjlQKePEESLKJ_wgUWlryibFgiz6nFsuCRTu5mAPYiNEDBDb-Pgp7FQyF8lWbZjk9ffTb_peuzX-Uu74G1Jadi52-NNacngMYm2EuVlbBOXhs_wg_kcPUKjak2oK5236tHppIfbdilYSllXfda7vGl9ja24gBo7eO4CJY1NQYXTssM9V1QUP7dOhL_2hFrAmikO6p4XTNaB0j4DHGJS_vLafXpKngFi4K_s1Jzfounnz-n2fK9GuAkzCCT9wr4zoXasZAYcg-Zl6f-Mn3liX6vRtZwmqz8Ju7oybLHhy3JlSaidx5erNu9h5XggDmt0xcQ2IDTeOUKKW-FSm_hBh-qXUc-7WmX1S7B6-rTGs9DJ2q1-SewpeX3YmK3SD2a8bJk9PahsjtDbKrMdUsN97wrE_5KwfXRyd9T3sAs0YuqXCY39qyMUmEXevc3XPK0Z7mxRlSpcfPy8R-Iu1M_bNAGjUiAichsv7eoBpvvbuYiF0tjvZDBDHpuqzO_BDUPXHTZvxwh3Kzk1eKodj2QAeU98eAkMpzUYnD95VOfoj_YuUJMCFNCeTg73JC_vit6LfZMklxHKbyeVkvI-boh9Scl2sLIsr29D6ue73CmMiDJA-A9QdzxcoNmk Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:14 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.fr/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.fr/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	14ms 14ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	17 KB 10 KB	438ms 437ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783143210997630&correlator=3289429422391271&output=ldjh&impl=fifs&eid=31060853%2C31060925&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C5%257C%26iid14%3D1309709%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1309709%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D46%26br2%3D46%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C873%26lb%3D90%26reqt%3D1621630637172&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621630637&dt=1621630637175&dlt=1621630633307&idt=344&frm=20&biw=1600&bih=1200&oid=3&adxs=962&adys=171&adks=3122676338&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1461951090.1621630634&ga_sid=1621630634&ga_hid=2007784825&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 4b13f09779fc4735e2ab7fa072b790ef68b63df1624684bfa5744034e9521405 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9313 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	48 KB 23 KB	530ms 529ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783143210997630&correlator=2615072124332142&output=ldjh&impl=fifs&eid=31060853%2C31060925&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid14%3D1309709%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1309709%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D46%26br2%3D46%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C873%26lb%3D90%26reqt%3D1621630637178&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621630637&dt=1621630637184&dlt=1621630633307&idt=344&frm=20&biw=1600&bih=1200&oid=3&adxs=639&adys=171&adks=3122676339&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1461951090.1621630634&ga_sid=1621630634&ga_hid=2007784825&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash dc570c1daf4c778f6817a1379fb5511f0e871fc9e39faf5f299c474f63d0818f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23068 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	14 KB 8 KB	539ms 539ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783143210997630&correlator=3386766520775381&output=ldjh&impl=fifs&eid=31060853%2C31060925&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=3&rcs=1&prev_scp=a%3D%257C251%257C%26iid14%3D1309709%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-1309709%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D23%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D46%26br2%3D46%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C873%26lb%3D90%26reqt%3D1621630637188&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621630637&dt=1621630637192&dlt=1621630633307&idt=344&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=171&adks=840336167&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250&msz=323x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1461951090.1621630634&ga_sid=1621630634&ga_hid=2007784825&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 36601332bd4fcb2b4eb831cfb18f948960bd740021f7d094d50b2a52ec17ed74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8037 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 466 B	533ms 532ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783143210997630&correlator=302415959783655&output=ldjh&impl=fifs&eid=31060853%2C31060925&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=3&rcs=1&prev_scp=a%3D%257C3%257C%26iid14%3D1330127%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-1330127%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C131%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C19%2C873%26lb%3D120%26reqt%3D1621630637193&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621630637&dt=1621630637196&dlt=1621630633307&idt=344&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1461951090.1621630634&ga_sid=1621630634&ga_hid=2007784825&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash e0ba40dc01d10ebf240b94aee6e3aa80c8a45bdc8dfdcea86fffb670adecc7f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 241 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E69	6 KB 3 KB	7ms 6ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 20:57:14 GMT expires Sat, 21 May 2022 20:57:14 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 3 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 27 KB	14ms 14ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621424113157718" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27995 x-xss-protection 0 expires Fri, 21 May 2021 20:57:17 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	34ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQzMjQifV19XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjQzMjQifV19XQ== pragma no-cache cookie __gads=ID=2620edf680866515-22cca94819c80017:T=1621630637:S=ALNI_MaNyLoXBOuYiV1UrNCXKsRLoorxPg; ezouspvv=46; ezouspva=1; ezouspvh=46 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	34ms 32ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImZlNWIwYzk5YWI3YmExNWYwNTA1ODJiZTEzMDEzMDNmIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ2LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzUyMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImZlNWIwYzk5YWI3YmExNWYwNTA1ODJiZTEzMDEzMDNmIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ2LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzUyMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie __gads=ID=2620edf680866515-22cca94819c80017:T=1621630637:S=ALNI_MaNyLoXBOuYiV1UrNCXKsRLoorxPg; ezouspvv=46; ezouspva=1; ezouspvh=46 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 93 B	96ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 20:57:17 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	33ms 32ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie __gads=ID=2620edf680866515-22cca94819c80017:T=1621630637:S=ALNI_MaNyLoXBOuYiV1UrNCXKsRLoorxPg; ezouspvv=46; ezouspva=1; ezouspvh=46 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 65 B	30ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjMwNjM4LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MCwiYmlkX2Zsb29yX3ByZXYiOjkwLCJiaWRfZmxvb3JfZmlsbGVkIjo0NiwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDU2LCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjMwNjM4LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MCwiYmlkX2Zsb29yX3ByZXYiOjkwLCJiaWRfZmxvb3JfZmlsbGVkIjo0NiwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDU2LCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= pragma no-cache cookie __gads=ID=2620edf680866515-22cca94819c80017:T=1621630637:S=ALNI_MaNyLoXBOuYiV1UrNCXKsRLoorxPg; ezouspvv=46; ezouspva=1; ezouspvh=46 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 8388	624 B 591 B	17ms 16ms	Document text/html	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnYKBDW5SgY2s6cpQEwAQ&v=APEucNX0hmfiBLfPi3qILiftM58hWq9gDG-7CFFB-nMxqKlVfaOqAgrSSQM-fgy_3X-IvtUauEp-_TJLwABvT7PMrlzvTwkcjJc0stHqHtqDmsB-0pLMd7BNgqX3SN9KvpjygJeYs1Ju8LH8uz0k7TSBkiV1VVkdU2IfhTa1mTUN_jnmZAm-NZ-UI4aj5cxpzx0t8jX8hyP-KXxcUdkdU5Bmutuz1UlzZYpxcFNDQmZSp3HnuO3y-5I Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CJnYKBDW5SgY2s6cpQEwAQ&v=APEucNX0hmfiBLfPi3qILiftM58hWq9gDG-7CFFB-nMxqKlVfaOqAgrSSQM-fgy_3X-IvtUauEp-_TJLwABvT7PMrlzvTwkcjJc0stHqHtqDmsB-0pLMd7BNgqX3SN9KvpjygJeYs1Ju8LH8uz0k7TSBkiV1VVkdU2IfhTa1mTUN_jnmZAm-NZ-UI4aj5cxpzx0t8jX8hyP-KXxcUdkdU5Bmutuz1UlzZYpxcFNDQmZSp3HnuO3y-5I pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 20:57:17 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnMTqFXA9iJoknZS64lb4B2Mo4sQdx3em4IYIsyU6BEKEMug6xgP72hc160; expires=Wed, 15-Jun-2022 20:57:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 21 May 2021 20:57:17 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1E69	24 KB 12 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Afu_mKJYdk7CSiiez3PxK5XkUT3QcRzN338CFk_TekuBy3B8ttRJiX-4BpKv3pHY69SxuzeoW8n5CWXnTiNx_PpkKdGhRdb_ys1L0IHgtvjFEw8uffWtEzrYOJs-kYnJQuMItrXrBH2TLEPP6fLNhYuh-QyA&cry=1&dbm_d=AKAmf-B_oBkgykcVvKLDi1pnh_iIepyZUc2RZx3hL8wAObbKiF_8QP7YyBwOYItXmnWaZSuFf9aQg6eTWi0s72V63ZmmDGACNkPzO8dyqMY7OKSjvSWSg30GYssMBX-jSqHqoYI4VUm1DnCv0NzkJjgJ95bRZzpi01U0L03bIen_oTjaLgJAWdOaMdAnXSPXpHHTq_uV4y5LB126v6goj2YBU3A6c1AXRHAE_dOklVu2ZqwtVrh1mQn42XrVL4GqLr_ISu0PCR5IWvkJdRLkeftaTIkHxaCnzZLWWKqQxrZaEGUeo_y8aQIAZSzu2i97bzip-iTTRMdaUK9h55P3eWM1j7JBQj3Ne1ZDTNRdz39tZojucybRiLgVadHUjCzeYGIimJsiQh_57wyxtARzcdCL74YgSZ5glv8zraVgMM8I9SKcDCZ4N5a6z6iSDXmBOeylY-osD2mIqpzqRnHvjcg5JSaEGiOsNwO9o1GBTg7W-HKvBSp3RwkeMBFFB9gSncdhjjKfhbJ1JkLLGRZshTZscHktwU2WmGzpfPexLbwFZqQ40a1Fq-rRLOrPG3gRw_YF-4ADokaKjOuN-PpVdqD7M4Rt7LztTKIN1U53wCDGO-ZQeDc7G5HAP5j1eDhGBmhEn9ktYxmedyKx2LNz6Eru5b6QCz7WfCfyi8ZDdjjK_lP34SVAm9uaBb21JiyDOaWKkXQK1lXSNq3DuA76FaeTlKfkfdUDYClmElG8e6geqYk0rTSzSRvKujMADZw7jiT49JddAzKiCwmps6dcbFXB7Rb1MdImMjr9c_vhKzbQ1-mb4OoAlcIW4tXV8MhncjLlOJvRjhPdu_gzRPK4oICHNqtHTCdOEI9UWLiw08O3G2e1LlkDIiRxJ9up04GLacH_KUeUhoPu5ATWUJpynQDqnCbZ54BohRf99DCU65C-HfWzjzrDx657jtCydeGJSVIcEFLDG7fytHULotpZ6q1HlWnJNuUcC0pVlV0MbwRWNTQ8WoNThMmaUiZLU5u9IjZhuiFZB0TvGkd9hejuyHNjR2o6tTleMbxc1PAZqzLUvB_oNfTRXsmiqDm_rVi4oxMmqwMTGkrmrjpWQezsZslXRrSZSe4FpzmZ-VC3bVt8nZqsQeOGsWHPW3voMPapRoBQg5yiWNiznaozKIxZkdcgTFjfWPGxQyNzVdUMLx-zfU0kem3NFN0ge6cihyGensFLbS_NoYhma0GxGlG-e-uUnJdRhOPI-sXRvPOGTcGHhTbZj2MhEWiuwTC5DdwGbrwIP0LLc7pObOMXU0m4WvUwn9FljpRmuhY43bQIRrlLR8ISppRwDkcX5qTyMGctHdw5FAa30xW4dYcHX8uNq7zcDFpRLctvkCCljMwwi6NEEPPMZUBUWzzEPeZnWEHq-ks7zSAQMMxC5ydgel8vdxX7-XD-4lcRe1GA0fLEuRAjO59mMhqb6Lw5XR-PBPCpvWdp1ce2nkYqdHulCtft4MHkoz-vOO0ql5bqdyxgeoTVxMeOGmSWtxzG_8Q6U2H57embWJeMr3iHdbo7H0oMwEIYKRFAmaxmyJBa9jYD2Zr8qeS4-cl1ss1a3Ca9lJ1LxT9MqZ5-gdu1v2bkMEulDTFVUkbJQFtmN5e9xPoCRTuRa9s64AlLQuFdH7tZ657fAw7rlYRLDPu6f0yXoBY2HVYtuySRCQhQnCBgdMfF7jLxVxwh43DYeK-fc2e9fhmclORqXfDrjFehC0K0gaQBUpcOBlZkSkCBKU9XXv79V8g8UhUIzVOTDJGl4IeHiFS_BNug7qrlG2s7uTE0fcDx9rReC1mHbWmPaWOf2uQqRQaO7LXcEj9W3t_7YCpH66psU8rfLJZKp5AiYPDzIRwiFjPtjlVAXM8jZzsM7fCxSGOcB16tTR8M_dzU9aMc0AUI6htcvzwj2EDz9jSkYR7n4Z1NW9WjY1nHLqYbn-5JEjdNK85fWXrYOq8xobu73_3LygN0laH05I35J-RRrfIn0iBfsrFidv7nSicmz0heVy1zLPhv2yNfYiJpB5ONxnT9ezRw3UTl8G_KwfZx1xbTa1Tk7ILo8wKj-gLXqtPDpCfHTSAwQAvprp8MUsBCABs8riW7AoVD4AWAJenJfQS00gcvCt7b7OaD22W2pLCkVHh3THud2HBFtYuPD2ILG2Kme1oHe__XzDOynW7nS70lWKf_Cr-gwKvTaEMkU6-QE_DcrIuKkQmc3npJkimS1hv-PBJH8zWi6Cg6khNh6ffeLAW2hQuyv80KFkme-ibdmkFdKpwLJosiSF0h-RgQo7e5nZzxQ1ob6n3GWw82l072DLQTDvtdQ2oQ3pW7RmEZk7F5ioRJPYL85gZ3u4OyLI2ns4QZxwgPp9aC3MBrkLbnugcJ8U2WJbDKY7SOr5I1OZXc1o10KAhe3jEDfdE8378L7UribyT_Rr_-3oh05bhxpfBdiJ9UW7PgCFNLE3uPUfleWVhkZxKWv26pWcV1NJiQkYF3YoltN0zLes8731XbFC--w1KzDkKh_TTZSfSn7xwZ1-BMJMzQiEip_U6ZAxruSeTLMX1d3XotV_ebQtRbjJTCm5ixgxaiTGZ0sFja0XWmRidKAfzvFYv2gE1KiCRYPjVIW4Ffu-wCvw0kOLTyF82Oq32Jocwf59UVUtm5espd2yv7PiRMPaz60UvFnZRLoDr7LB36LcJZPJ0yhhuTBdqewltp1Ap9Ew2cEK7GZvzlpe1VlNxEzeNYRsmCGx8U_tt39Nc97u-c_NRQYye--1cAwELE-A9huEDTqrI1pgdSvA_ooWwrmai8oMmX-dRPxPTzaopNipJl7v77kAfGh_gZ6UQ4nOtVkC0q6VlcxdSsZUmnU5RUuqncBuRUs7EHKW95ZC6Rya-_Y7xDSSBHGF8n2LiTB9KlKq5XHUYyr6XghK8aTat66aJQ3vBj08M1ENnG3kl-oF5Vw96ws-USAwIyB8BhpytYm4Qu4rthehu9xusq-837iBarcg4VYhkhSIwzRA2E7cBq20-JJVQhj6Rbq-qJ7JRSK1tlmLTX_0dB8yXWJ1G8ZRYoWFE8HIFUdmfMl0YayanzS9xuTAEDmQpRjtWUQI-8hf_RKcPcPoZmuXbUBL4YB3xhUNXP9-smf8jyOJA1KSnLzbmZCbV7AKp8BnP4_xJKgE2YGRcB-L4WTi5KC60RMngzR7p0VbUSwVpb9lcYr7CYIOSFroHkmSamMrcdpWBKwcd-UoHbCbwl19goOdPLEZZvVqIH0c1iUVHf5rS0S-n5Byta-ISZiSLaO4cZTHrG8G4WfgVzGcM1ZeQgvatMkDCfOYMoJ6iK1G6myLNDMENzXmTFPrXUuOAztGtIen2GogFVkakaSP82kYAvKpNESK3_WWNiihSbUsQHHgQ1DN4xYyrhMBoxoY3E_1XpwjSt0znm0gofie5SiZ9CFo-oFqmn0w30paE76ldlah85YRcj_hjYG7k8gHcC-JYv0Af3LHnX0EK1l_1FHrogPUnk9K4zsh-1PIFGVCowwvxazFIHsRNhjeLopA5Io4cGYMUSkVe_3NLF1DImob7-J8Y56aIRhOq1LllWbmThzCVgxADQAeCgAas0btub1r5zVupym-ybl6o6J4D5WX1pFEdCVzx7lcfFn9_WU7Wbu3T8RyHURw4CL9Lze2gzK2DskHCn9_Xl6sYAaMaq7sP8BxKk0TV6nmBaX3oljukGWrXseOBBlYkHxkHntMdcPynNGw11mXxrpRzQuxNh2z_Hah3CG9GE4yln-_SD_bxgICM9XUZ04n9YxIh5hcj_XYbGn0UcjqRFM2l-xqbL4H5pen8Tjdo&cid=CAASPeRoPtRRPXUR6PV6XE77cI4MhXxVshQBvkeOQ_sapok2AnPIu-I5A11RLxVrKMpcS0hErdtjo6H1_h2Ypu8&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ac779a181975c7af7977292106abbcbf5ff25433c23f72bb7a09f220123e2e04 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12275 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1E69	42 B 173 B	42ms 38ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Als9RshISWWp3G45kQOR2jF5e7PHGtESiSKuYQV0w_5UbUQqnboljsJI03cxDTCZk2IfmJjV_UlwL1fEN2OyzhGpRrYlh6exYaEILIOOhaz8OJRjg Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tfav_adl_44.js Show response j.adlooxtracking.com/ads/js/ Frame 1E69	41 KB 41 KB	126ms 41ms	Script application/javascript	37.59.24.120 OVH
General Check archive.org Show headers Download Go to Full URL https://j.adlooxtracking.com/ads/js/tfav_adl_44.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 37.59.24.120 , France, ASN16276 (OVH, FR), Reverse DNS js02.adlooxtracking.com Software nginx/1.15.8 / Resource Hash 4d0b545d75071b86296b54b0dafb1319eb4c3ee2414cc0f96a84684a205774b9 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:17 GMT Last-Modified Wed, 21 Apr 2021 08:21:32 GMT Server nginx/1.15.8 ETag "607fe08c-a2da" Content-Type application/javascript Cache-Control no-cache, max-age=60 Connection keep-alive Accept-Ranges bytes Content-Length 41690
GET H2	200	i mmtro.com/ Frame 1E69	48 B 438 B	112ms 47ms	Image image/gif	195.66.82.41 MERCIS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mmtro.com/i?tagid=6549673-7656665c048eac04dc64d8ff68101f13&idc=88871&rtgoid=3026445&rtgpidc=&rtgaid=ABAjH0jUaGRiER5rvYQ1ALnNS3QD&rtgseid=&rtgcpid=19995983&rtgcid=346498906&rtgexid=1&rtgpid=1&rtgsid=868756208534&rnd=1621630637229403&rtggdpr=&rtgtcs_v2=&u=https://trovas.ch/ Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.66.82.41 Paris, France, ASN197205 (MERCIS-AS, FR), Reverse DNS mmtro.com Software fdb141453c85e6bc89a824a70a7bfd71a273b947 / Resource Hash 2c366efc13702d5bf379b6d5d072ff66fe1d602a6c3185ddd6d6009390fea0f5 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT server fdb141453c85e6bc89a824a70a7bfd71a273b947 p3p policyref="https://mmtro.com/w3c/p3p_mmtro.xml", CP="ALL DSP LAW CUR TAIi PSAi PSDi IVAi IVDi OUR BUS UNI" x-rid 60a81ead3a2d9d975005b6eb cache-control no-store, no-cache, private content-type image/gif content-length 48 expires Wed, 23 Feb 2000 00:00:01 GMT
GET H/1.1	200 OK	pix.gif mm.eulerian.net/dynview/sofinco/ Frame 1E69	163 B 1021 B	106ms 22ms	Image image/png	109.232.193.142 EULERIAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mm.eulerian.net/dynview/sofinco/pix.gif?ead-publisher=1000mercis_dbm&ead-name=CPM_Campagne%201000mercis%20prospects%20acquisition%20dbm&ead-location=RG_300x250&ead-creative=JSON_TRAV_MENS&ead-creativetype=300x250&eseg-name=produit&eseg-item=PBTRAV Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 109.232.193.142 , France, ASN50234 (EULERIAN-AS, FR), Reverse DNS mm.eulerian.net Software EWS / Resource Hash 6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma private, no-cache, no-cache=Set-Cookie, proxy-revalidate Date Fri, 21 May 2021 20:57:17 GMT X-Content-Type-Options nosniff Server EWS Strict-Transport-Security max-age=604800 Content-Type image/png Cache-Control max-age=0, private Connection Close Accept-Ranges none X-Robots-Tag noindex Content-Length 163 X-XSS-Protection 0
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1E69	2 KB 1 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:30 GMT content-encoding gzip x-content-type-options nosniff age 227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:30 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1E69	118 KB 36 KB	32ms 14ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621424119306032" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36804 x-xss-protection 0 expires Fri, 21 May 2021 20:57:17 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 1E69	13 KB 6 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:38 GMT content-encoding gzip x-content-type-options nosniff age 219 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:38 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 1E69	0 0	15ms 14ms	Image text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJKfGKD37fbV6go-4zX-3Un-d77nUPGPA_T05mNJ4p9VsJjx2KdF8WeLMf6qXerozuSWFs Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 1E69	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Afu_mKJYdk7CSiiez3PxK5XkUT3QcRzN338CFk_TekuBy3B8ttRJiX-4BpKv3pHY69SxuzeoW8n5CWXnTiNx_PpkKdGhRdb_ys1L0IHgtvjFEw8uffWtEzrYOJs-kYnJQuMItrXrBH2TLEPP6fLNhYuh-QyA&cry=1&dbm_d=AKAmf-B_oBkgykcVvKLDi1pnh_iIepyZUc2RZx3hL8wAObbKiF_8QP7YyBwOYItXmnWaZSuFf9aQg6eTWi0s72V63ZmmDGACNkPzO8dyqMY7OKSjvSWSg30GYssMBX-jSqHqoYI4VUm1DnCv0NzkJjgJ95bRZzpi01U0L03bIen_oTjaLgJAWdOaMdAnXSPXpHHTq_uV4y5LB126v6goj2YBU3A6c1AXRHAE_dOklVu2ZqwtVrh1mQn42XrVL4GqLr_ISu0PCR5IWvkJdRLkeftaTIkHxaCnzZLWWKqQxrZaEGUeo_y8aQIAZSzu2i97bzip-iTTRMdaUK9h55P3eWM1j7JBQj3Ne1ZDTNRdz39tZojucybRiLgVadHUjCzeYGIimJsiQh_57wyxtARzcdCL74YgSZ5glv8zraVgMM8I9SKcDCZ4N5a6z6iSDXmBOeylY-osD2mIqpzqRnHvjcg5JSaEGiOsNwO9o1GBTg7W-HKvBSp3RwkeMBFFB9gSncdhjjKfhbJ1JkLLGRZshTZscHktwU2WmGzpfPexLbwFZqQ40a1Fq-rRLOrPG3gRw_YF-4ADokaKjOuN-PpVdqD7M4Rt7LztTKIN1U53wCDGO-ZQeDc7G5HAP5j1eDhGBmhEn9ktYxmedyKx2LNz6Eru5b6QCz7WfCfyi8ZDdjjK_lP34SVAm9uaBb21JiyDOaWKkXQK1lXSNq3DuA76FaeTlKfkfdUDYClmElG8e6geqYk0rTSzSRvKujMADZw7jiT49JddAzKiCwmps6dcbFXB7Rb1MdImMjr9c_vhKzbQ1-mb4OoAlcIW4tXV8MhncjLlOJvRjhPdu_gzRPK4oICHNqtHTCdOEI9UWLiw08O3G2e1LlkDIiRxJ9up04GLacH_KUeUhoPu5ATWUJpynQDqnCbZ54BohRf99DCU65C-HfWzjzrDx657jtCydeGJSVIcEFLDG7fytHULotpZ6q1HlWnJNuUcC0pVlV0MbwRWNTQ8WoNThMmaUiZLU5u9IjZhuiFZB0TvGkd9hejuyHNjR2o6tTleMbxc1PAZqzLUvB_oNfTRXsmiqDm_rVi4oxMmqwMTGkrmrjpWQezsZslXRrSZSe4FpzmZ-VC3bVt8nZqsQeOGsWHPW3voMPapRoBQg5yiWNiznaozKIxZkdcgTFjfWPGxQyNzVdUMLx-zfU0kem3NFN0ge6cihyGensFLbS_NoYhma0GxGlG-e-uUnJdRhOPI-sXRvPOGTcGHhTbZj2MhEWiuwTC5DdwGbrwIP0LLc7pObOMXU0m4WvUwn9FljpRmuhY43bQIRrlLR8ISppRwDkcX5qTyMGctHdw5FAa30xW4dYcHX8uNq7zcDFpRLctvkCCljMwwi6NEEPPMZUBUWzzEPeZnWEHq-ks7zSAQMMxC5ydgel8vdxX7-XD-4lcRe1GA0fLEuRAjO59mMhqb6Lw5XR-PBPCpvWdp1ce2nkYqdHulCtft4MHkoz-vOO0ql5bqdyxgeoTVxMeOGmSWtxzG_8Q6U2H57embWJeMr3iHdbo7H0oMwEIYKRFAmaxmyJBa9jYD2Zr8qeS4-cl1ss1a3Ca9lJ1LxT9MqZ5-gdu1v2bkMEulDTFVUkbJQFtmN5e9xPoCRTuRa9s64AlLQuFdH7tZ657fAw7rlYRLDPu6f0yXoBY2HVYtuySRCQhQnCBgdMfF7jLxVxwh43DYeK-fc2e9fhmclORqXfDrjFehC0K0gaQBUpcOBlZkSkCBKU9XXv79V8g8UhUIzVOTDJGl4IeHiFS_BNug7qrlG2s7uTE0fcDx9rReC1mHbWmPaWOf2uQqRQaO7LXcEj9W3t_7YCpH66psU8rfLJZKp5AiYPDzIRwiFjPtjlVAXM8jZzsM7fCxSGOcB16tTR8M_dzU9aMc0AUI6htcvzwj2EDz9jSkYR7n4Z1NW9WjY1nHLqYbn-5JEjdNK85fWXrYOq8xobu73_3LygN0laH05I35J-RRrfIn0iBfsrFidv7nSicmz0heVy1zLPhv2yNfYiJpB5ONxnT9ezRw3UTl8G_KwfZx1xbTa1Tk7ILo8wKj-gLXqtPDpCfHTSAwQAvprp8MUsBCABs8riW7AoVD4AWAJenJfQS00gcvCt7b7OaD22W2pLCkVHh3THud2HBFtYuPD2ILG2Kme1oHe__XzDOynW7nS70lWKf_Cr-gwKvTaEMkU6-QE_DcrIuKkQmc3npJkimS1hv-PBJH8zWi6Cg6khNh6ffeLAW2hQuyv80KFkme-ibdmkFdKpwLJosiSF0h-RgQo7e5nZzxQ1ob6n3GWw82l072DLQTDvtdQ2oQ3pW7RmEZk7F5ioRJPYL85gZ3u4OyLI2ns4QZxwgPp9aC3MBrkLbnugcJ8U2WJbDKY7SOr5I1OZXc1o10KAhe3jEDfdE8378L7UribyT_Rr_-3oh05bhxpfBdiJ9UW7PgCFNLE3uPUfleWVhkZxKWv26pWcV1NJiQkYF3YoltN0zLes8731XbFC--w1KzDkKh_TTZSfSn7xwZ1-BMJMzQiEip_U6ZAxruSeTLMX1d3XotV_ebQtRbjJTCm5ixgxaiTGZ0sFja0XWmRidKAfzvFYv2gE1KiCRYPjVIW4Ffu-wCvw0kOLTyF82Oq32Jocwf59UVUtm5espd2yv7PiRMPaz60UvFnZRLoDr7LB36LcJZPJ0yhhuTBdqewltp1Ap9Ew2cEK7GZvzlpe1VlNxEzeNYRsmCGx8U_tt39Nc97u-c_NRQYye--1cAwELE-A9huEDTqrI1pgdSvA_ooWwrmai8oMmX-dRPxPTzaopNipJl7v77kAfGh_gZ6UQ4nOtVkC0q6VlcxdSsZUmnU5RUuqncBuRUs7EHKW95ZC6Rya-_Y7xDSSBHGF8n2LiTB9KlKq5XHUYyr6XghK8aTat66aJQ3vBj08M1ENnG3kl-oF5Vw96ws-USAwIyB8BhpytYm4Qu4rthehu9xusq-837iBarcg4VYhkhSIwzRA2E7cBq20-JJVQhj6Rbq-qJ7JRSK1tlmLTX_0dB8yXWJ1G8ZRYoWFE8HIFUdmfMl0YayanzS9xuTAEDmQpRjtWUQI-8hf_RKcPcPoZmuXbUBL4YB3xhUNXP9-smf8jyOJA1KSnLzbmZCbV7AKp8BnP4_xJKgE2YGRcB-L4WTi5KC60RMngzR7p0VbUSwVpb9lcYr7CYIOSFroHkmSamMrcdpWBKwcd-UoHbCbwl19goOdPLEZZvVqIH0c1iUVHf5rS0S-n5Byta-ISZiSLaO4cZTHrG8G4WfgVzGcM1ZeQgvatMkDCfOYMoJ6iK1G6myLNDMENzXmTFPrXUuOAztGtIen2GogFVkakaSP82kYAvKpNESK3_WWNiihSbUsQHHgQ1DN4xYyrhMBoxoY3E_1XpwjSt0znm0gofie5SiZ9CFo-oFqmn0w30paE76ldlah85YRcj_hjYG7k8gHcC-JYv0Af3LHnX0EK1l_1FHrogPUnk9K4zsh-1PIFGVCowwvxazFIHsRNhjeLopA5Io4cGYMUSkVe_3NLF1DImob7-J8Y56aIRhOq1LllWbmThzCVgxADQAeCgAas0btub1r5zVupym-ybl6o6J4D5WX1pFEdCVzx7lcfFn9_WU7Wbu3T8RyHURw4CL9Lze2gzK2DskHCn9_Xl6sYAaMaq7sP8BxKk0TV6nmBaX3oljukGWrXseOBBlYkHxkHntMdcPynNGw11mXxrpRzQuxNh2z_Hah3CG9GE4yln-_SD_bxgICM9XUZ04n9YxIh5hcj_XYbGn0UcjqRFM2l-xqbL4H5pen8Tjdo&cid=CAASPeRoPtRRPXUR6PV6XE77cI4MhXxVshQBvkeOQ_sapok2AnPIu-I5A11RLxVrKMpcS0hErdtjo6H1_h2Ypu8&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:52:33 GMT content-encoding gzip x-content-type-options nosniff age 284 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:52:33 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 1E69	41 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Afu_mKJYdk7CSiiez3PxK5XkUT3QcRzN338CFk_TekuBy3B8ttRJiX-4BpKv3pHY69SxuzeoW8n5CWXnTiNx_PpkKdGhRdb_ys1L0IHgtvjFEw8uffWtEzrYOJs-kYnJQuMItrXrBH2TLEPP6fLNhYuh-QyA&cry=1&dbm_d=AKAmf-B_oBkgykcVvKLDi1pnh_iIepyZUc2RZx3hL8wAObbKiF_8QP7YyBwOYItXmnWaZSuFf9aQg6eTWi0s72V63ZmmDGACNkPzO8dyqMY7OKSjvSWSg30GYssMBX-jSqHqoYI4VUm1DnCv0NzkJjgJ95bRZzpi01U0L03bIen_oTjaLgJAWdOaMdAnXSPXpHHTq_uV4y5LB126v6goj2YBU3A6c1AXRHAE_dOklVu2ZqwtVrh1mQn42XrVL4GqLr_ISu0PCR5IWvkJdRLkeftaTIkHxaCnzZLWWKqQxrZaEGUeo_y8aQIAZSzu2i97bzip-iTTRMdaUK9h55P3eWM1j7JBQj3Ne1ZDTNRdz39tZojucybRiLgVadHUjCzeYGIimJsiQh_57wyxtARzcdCL74YgSZ5glv8zraVgMM8I9SKcDCZ4N5a6z6iSDXmBOeylY-osD2mIqpzqRnHvjcg5JSaEGiOsNwO9o1GBTg7W-HKvBSp3RwkeMBFFB9gSncdhjjKfhbJ1JkLLGRZshTZscHktwU2WmGzpfPexLbwFZqQ40a1Fq-rRLOrPG3gRw_YF-4ADokaKjOuN-PpVdqD7M4Rt7LztTKIN1U53wCDGO-ZQeDc7G5HAP5j1eDhGBmhEn9ktYxmedyKx2LNz6Eru5b6QCz7WfCfyi8ZDdjjK_lP34SVAm9uaBb21JiyDOaWKkXQK1lXSNq3DuA76FaeTlKfkfdUDYClmElG8e6geqYk0rTSzSRvKujMADZw7jiT49JddAzKiCwmps6dcbFXB7Rb1MdImMjr9c_vhKzbQ1-mb4OoAlcIW4tXV8MhncjLlOJvRjhPdu_gzRPK4oICHNqtHTCdOEI9UWLiw08O3G2e1LlkDIiRxJ9up04GLacH_KUeUhoPu5ATWUJpynQDqnCbZ54BohRf99DCU65C-HfWzjzrDx657jtCydeGJSVIcEFLDG7fytHULotpZ6q1HlWnJNuUcC0pVlV0MbwRWNTQ8WoNThMmaUiZLU5u9IjZhuiFZB0TvGkd9hejuyHNjR2o6tTleMbxc1PAZqzLUvB_oNfTRXsmiqDm_rVi4oxMmqwMTGkrmrjpWQezsZslXRrSZSe4FpzmZ-VC3bVt8nZqsQeOGsWHPW3voMPapRoBQg5yiWNiznaozKIxZkdcgTFjfWPGxQyNzVdUMLx-zfU0kem3NFN0ge6cihyGensFLbS_NoYhma0GxGlG-e-uUnJdRhOPI-sXRvPOGTcGHhTbZj2MhEWiuwTC5DdwGbrwIP0LLc7pObOMXU0m4WvUwn9FljpRmuhY43bQIRrlLR8ISppRwDkcX5qTyMGctHdw5FAa30xW4dYcHX8uNq7zcDFpRLctvkCCljMwwi6NEEPPMZUBUWzzEPeZnWEHq-ks7zSAQMMxC5ydgel8vdxX7-XD-4lcRe1GA0fLEuRAjO59mMhqb6Lw5XR-PBPCpvWdp1ce2nkYqdHulCtft4MHkoz-vOO0ql5bqdyxgeoTVxMeOGmSWtxzG_8Q6U2H57embWJeMr3iHdbo7H0oMwEIYKRFAmaxmyJBa9jYD2Zr8qeS4-cl1ss1a3Ca9lJ1LxT9MqZ5-gdu1v2bkMEulDTFVUkbJQFtmN5e9xPoCRTuRa9s64AlLQuFdH7tZ657fAw7rlYRLDPu6f0yXoBY2HVYtuySRCQhQnCBgdMfF7jLxVxwh43DYeK-fc2e9fhmclORqXfDrjFehC0K0gaQBUpcOBlZkSkCBKU9XXv79V8g8UhUIzVOTDJGl4IeHiFS_BNug7qrlG2s7uTE0fcDx9rReC1mHbWmPaWOf2uQqRQaO7LXcEj9W3t_7YCpH66psU8rfLJZKp5AiYPDzIRwiFjPtjlVAXM8jZzsM7fCxSGOcB16tTR8M_dzU9aMc0AUI6htcvzwj2EDz9jSkYR7n4Z1NW9WjY1nHLqYbn-5JEjdNK85fWXrYOq8xobu73_3LygN0laH05I35J-RRrfIn0iBfsrFidv7nSicmz0heVy1zLPhv2yNfYiJpB5ONxnT9ezRw3UTl8G_KwfZx1xbTa1Tk7ILo8wKj-gLXqtPDpCfHTSAwQAvprp8MUsBCABs8riW7AoVD4AWAJenJfQS00gcvCt7b7OaD22W2pLCkVHh3THud2HBFtYuPD2ILG2Kme1oHe__XzDOynW7nS70lWKf_Cr-gwKvTaEMkU6-QE_DcrIuKkQmc3npJkimS1hv-PBJH8zWi6Cg6khNh6ffeLAW2hQuyv80KFkme-ibdmkFdKpwLJosiSF0h-RgQo7e5nZzxQ1ob6n3GWw82l072DLQTDvtdQ2oQ3pW7RmEZk7F5ioRJPYL85gZ3u4OyLI2ns4QZxwgPp9aC3MBrkLbnugcJ8U2WJbDKY7SOr5I1OZXc1o10KAhe3jEDfdE8378L7UribyT_Rr_-3oh05bhxpfBdiJ9UW7PgCFNLE3uPUfleWVhkZxKWv26pWcV1NJiQkYF3YoltN0zLes8731XbFC--w1KzDkKh_TTZSfSn7xwZ1-BMJMzQiEip_U6ZAxruSeTLMX1d3XotV_ebQtRbjJTCm5ixgxaiTGZ0sFja0XWmRidKAfzvFYv2gE1KiCRYPjVIW4Ffu-wCvw0kOLTyF82Oq32Jocwf59UVUtm5espd2yv7PiRMPaz60UvFnZRLoDr7LB36LcJZPJ0yhhuTBdqewltp1Ap9Ew2cEK7GZvzlpe1VlNxEzeNYRsmCGx8U_tt39Nc97u-c_NRQYye--1cAwELE-A9huEDTqrI1pgdSvA_ooWwrmai8oMmX-dRPxPTzaopNipJl7v77kAfGh_gZ6UQ4nOtVkC0q6VlcxdSsZUmnU5RUuqncBuRUs7EHKW95ZC6Rya-_Y7xDSSBHGF8n2LiTB9KlKq5XHUYyr6XghK8aTat66aJQ3vBj08M1ENnG3kl-oF5Vw96ws-USAwIyB8BhpytYm4Qu4rthehu9xusq-837iBarcg4VYhkhSIwzRA2E7cBq20-JJVQhj6Rbq-qJ7JRSK1tlmLTX_0dB8yXWJ1G8ZRYoWFE8HIFUdmfMl0YayanzS9xuTAEDmQpRjtWUQI-8hf_RKcPcPoZmuXbUBL4YB3xhUNXP9-smf8jyOJA1KSnLzbmZCbV7AKp8BnP4_xJKgE2YGRcB-L4WTi5KC60RMngzR7p0VbUSwVpb9lcYr7CYIOSFroHkmSamMrcdpWBKwcd-UoHbCbwl19goOdPLEZZvVqIH0c1iUVHf5rS0S-n5Byta-ISZiSLaO4cZTHrG8G4WfgVzGcM1ZeQgvatMkDCfOYMoJ6iK1G6myLNDMENzXmTFPrXUuOAztGtIen2GogFVkakaSP82kYAvKpNESK3_WWNiihSbUsQHHgQ1DN4xYyrhMBoxoY3E_1XpwjSt0znm0gofie5SiZ9CFo-oFqmn0w30paE76ldlah85YRcj_hjYG7k8gHcC-JYv0Af3LHnX0EK1l_1FHrogPUnk9K4zsh-1PIFGVCowwvxazFIHsRNhjeLopA5Io4cGYMUSkVe_3NLF1DImob7-J8Y56aIRhOq1LllWbmThzCVgxADQAeCgAas0btub1r5zVupym-ybl6o6J4D5WX1pFEdCVzx7lcfFn9_WU7Wbu3T8RyHURw4CL9Lze2gzK2DskHCn9_Xl6sYAaMaq7sP8BxKk0TV6nmBaX3oljukGWrXseOBBlYkHxkHntMdcPynNGw11mXxrpRzQuxNh2z_Hah3CG9GE4yln-_SD_bxgICM9XUZ04n9YxIh5hcj_XYbGn0UcjqRFM2l-xqbL4H5pen8Tjdo&cid=CAASPeRoPtRRPXUR6PV6XE77cI4MhXxVshQBvkeOQ_sapok2AnPIu-I5A11RLxVrKMpcS0hErdtjo6H1_h2Ypu8&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 15030 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 8388 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1	43 B 1014 B	46ms 42ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnYKBDW5SgY2s6cpQEwAQ&v=APEucNX0hmfiBLfPi3qILiftM58hWq9gDG-7CFFB-nMxqKlVfaOqAgrSSQM-fgy_3X-IvtUauEp-_TJLwABvT7PMrlzvTwkcjJc0stHqHtqDmsB-0pLMd7BNgqX3SN9KvpjygJeYs1Ju8LH8uz0k7TSBkiV1VVkdU2IfhTa1mTUN_jnmZAm-NZ-UI4aj5cxpzx0t8jX8hyP-KXxcUdkdU5Bmutuz1UlzZYpxcFNDQmZSp3HnuO3y-5I Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:17 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 20:57:17 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 8388 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgerQoXRWbAfy0KPqlXcgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1	43 B 1014 B	110ms 46ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnYKBDW5SgY2s6cpQEwAQ&v=APEucNX0hmfiBLfPi3qILiftM58hWq9gDG-7CFFB-nMxqKlVfaOqAgrSSQM-fgy_3X-IvtUauEp-_TJLwABvT7PMrlzvTwkcjJc0stHqHtqDmsB-0pLMd7BNgqX3SN9KvpjygJeYs1Ju8LH8uz0k7TSBkiV1VVkdU2IfhTa1mTUN_jnmZAm-NZ-UI4aj5cxpzx0t8jX8hyP-KXxcUdkdU5Bmutuz1UlzZYpxcFNDQmZSp3HnuO3y-5I Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 20:57:18 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 8388 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1	43 B 1022 B	92ms 30ms	Image image/gif	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnYKBDW5SgY2s6cpQEwAQ&v=APEucNX0hmfiBLfPi3qILiftM58hWq9gDG-7CFFB-nMxqKlVfaOqAgrSSQM-fgy_3X-IvtUauEp-_TJLwABvT7PMrlzvTwkcjJc0stHqHtqDmsB-0pLMd7BNgqX3SN9KvpjygJeYs1Ju8LH8uz0k7TSBkiV1VVkdU2IfhTa1mTUN_jnmZAm-NZ-UI4aj5cxpzx0t8jX8hyP-KXxcUdkdU5Bmutuz1UlzZYpxcFNDQmZSp3HnuO3y-5I Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:17 GMT X-Proxy-Origin 82.102.18.235; 82.102.18.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.42:80 AN-X-Request-Uuid 1c1ea999-e0fc-4f39-a51d-5db8e57140d9 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 8388 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D	170 B 188 B	78ms 39ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJnYKBDW5SgY2s6cpQEwAQ&v=APEucNX0hmfiBLfPi3qILiftM58hWq9gDG-7CFFB-nMxqKlVfaOqAgrSSQM-fgy_3X-IvtUauEp-_TJLwABvT7PMrlzvTwkcjJc0stHqHtqDmsB-0pLMd7BNgqX3SN9KvpjygJeYs1Ju8LH8uz0k7TSBkiV1VVkdU2IfhTa1mTUN_jnmZAm-NZ-UI4aj5cxpzx0t8jX8hyP-KXxcUdkdU5Bmutuz1UlzZYpxcFNDQmZSp3HnuO3y-5I Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 May 2021 20:57:17 GMT X-Proxy-Origin 82.102.18.235; 82.102.18.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.40:80 AN-X-Request-Uuid 34276f82-7505-4f6b-a6c0-58c98fb991de Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	index.html Show response d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/ Frame 8BBC	17 KB 6 KB	41ms 7ms	Document text/html	2600:9000:2156:2a00:2:39c7:7a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:2:39c7:7a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8bb76ae89c8b43687f1c8e6ca0f3acb0dd5e65f12881603ea80d5620d0d9d2ec Request headers :method GET :authority d3ccpshcqv1crs.cloudfront.net :scheme https :path /old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers content-type text/html last-modified Tue, 13 Apr 2021 07:47:39 GMT x-amz-meta-sha256 8bb76ae89c8b43687f1c8e6ca0f3acb0dd5e65f12881603ea80d5620d0d9d2ec x-amz-meta-s3b-last-modified 20201014T100144Z server AmazonS3 content-encoding gzip date Fri, 21 May 2021 05:15:24 GMT etag W/"46c06af72a7734bc142d1b0c8a7d9f3d" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id WKFt0l_j_RrHsW_Pky2nPcoDXNjJhGWq_dQaNCPlEKfQ2RN512qasQ== age 56514
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 6359	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7650 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B74B	6 KB 3 KB	21ms 7ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 20:57:14 GMT expires Sat, 21 May 2022 20:57:14 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 3 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7955	6 KB 3 KB	15ms 7ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 20:57:14 GMT expires Sat, 21 May 2022 20:57:14 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 3 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	33ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImZlNWIwYzk5YWI3YmExNWYwNTA1ODJiZTEzMDEzMDNmIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ2LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU5MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImZlNWIwYzk5YWI3YmExNWYwNTA1ODJiZTEzMDEzMDNmIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ2LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU5MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=92; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:16 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 17 B	34ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 20:57:17 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	32ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yMSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=92; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	33ms 32ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjMwNjM4LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MCwiYmlkX2Zsb29yX3ByZXYiOjkwLCJiaWRfZmxvb3JfZmlsbGVkIjo0NiwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTY5LCJtdWx0aV9hZF91bml0IjoxLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhdWN0aW9uX2Vwb2NoIjoxNjIxNjMwNjM4LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImJpZF9mbG9vcl9pbml0aWFsIjo5MCwiYmlkX2Zsb29yX3ByZXYiOjkwLCJiaWRfZmxvb3JfZmlsbGVkIjo0NiwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTY5LCJtdWx0aV9hZF91bml0IjoxLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=92; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	31ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiZmU1YjBjOTlhYjdiYTE1ZjA1MDU4MmJlMTMwMTMwM2YifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ2LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiZmU1YjBjOTlhYjdiYTE1ZjA1MDU4MmJlMTMwMTMwM2YifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDQ2LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwNDYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDksInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:19 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 17 B	33ms 32ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 20:57:17 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	32ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	30ms 29ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzMDYzOCwiYWRfcG9zaXRpb24iOjExMjYsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6OTAsImJpZF9mbG9vcl9wcmV2Ijo5MCwiYmlkX2Zsb29yX2ZpbGxlZCI6NDYsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjU2OSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjMsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzMDYzOCwiYWRfcG9zaXRpb24iOjExMjYsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6OTAsImJpZF9mbG9vcl9wcmV2Ijo5MCwiYmlkX2Zsb29yX2ZpbGxlZCI6NDYsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjU2OSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjMsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:18 UTC
GET H3-29	200	zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response pagead2.googlesyndication.com/bg/ Frame 6359	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:32:37 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 30280 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5790 x-xss-protection 0 expires Sat, 21 May 2022 12:32:37 GMT
GET DATA	200 OK	truncated / Frame 1E69	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b009b6a49a285fbc8dc136a743507af540f8b488acb14e92149b2ba837dc4f9 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame D7F7	624 B 299 B	28ms 25ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjI7-SmATAB&v=APEucNVL5wJLW4GyFROvCeeE9HWdElmHwTxavkemMmdKA_s3nFa6_fHme5RYbbT6Cyr3uM52YBcXz-Gj4cI8uEPbQEcj8Qyhcoi-S2AK0vizWr2O-1Hk9OLxYBueBIeK22hbjsmSLKcX5AEhvQpu9hxZiyD732rGw_XA2WNBNSJkZ7NVMyukeeuO529uWCepvz75-10bgWAXKRvDql530ECm8VAlDWMZwObbWsmvQzi89q0-Khp0E0w Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNyuyAIQpovKAhjI7-SmATAB&v=APEucNVL5wJLW4GyFROvCeeE9HWdElmHwTxavkemMmdKA_s3nFa6_fHme5RYbbT6Cyr3uM52YBcXz-Gj4cI8uEPbQEcj8Qyhcoi-S2AK0vizWr2O-1Hk9OLxYBueBIeK22hbjsmSLKcX5AEhvQpu9hxZiyD732rGw_XA2WNBNSJkZ7NVMyukeeuO529uWCepvz75-10bgWAXKRvDql530ECm8VAlDWMZwObbWsmvQzi89q0-Khp0E0w pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUnMZHnnyiBHBb7C-F5TihmRmDPho5KNgKaHmbuBsS2_MdocAoRPqWtZHwelBeY; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 20:57:17 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 21 May 2021 20:57:17 GMT
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 7955	24 KB 12 KB	52ms 50ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duzpfevt_8DKSe502yjgvD_3kng5Ld_xkA0D4t1POy65xIuApAVItF-FmYewDMupzI6CU-tJ8izOfCk-6ee4GpFC5EO0mWJcwxBcRgT3huUt9pdxswY0Ja2UdOTOrQ7vnKPAWslouK4Sf8KhkIE-l2rFuBnA&dbm_d=AKAmf-BI0poZFJ71sX7_NAbz_fztL3KaiECyGqwZR5Lb6CeUTFanvc-Cp37lcl-s3XINRhousfZcuz8AywdI4rbAR61yIoMtuOdfWUWQJgdtjkNo4CRvUCno-ngiP3nqhrmBLOsF99HN5JzB8NUAss6412unQrIB0JxWcY9l28CXTK23Vc_U11GBDpUYBuH5LmivQ7EkfVo2wuEmLHAQVt9AkBBFGDwSlhXF2a_rGDP0GyesC_ZjU4IgOqFxQeQPA1MK2e_8vVeGn8hC8rwQ5BgOq9sOnhIvfnuTRHOhPqsWo0-e7rS4l3ZVglcSWzTLn--S1KOSudPxSXgqdGieXvjLKNnCH3VyLHwpK88jz_X3RFT4Yk2RGlhOkeaawfnee80OyXir4hd1GlZtzdsjvC-nHUc1ZVRuSkQtO9Dj_8aFupdc6spBNlNBqEolCJQkIEP8pI_bFDsiq8P4OuMuzeLbnTSLAXnKcQXl4Zf6BOZ2R9TJRhpwjhk6QDRv23iSxDkgyT3L56vMu6aFRcny_2KIVMScJ9Gji4po_NNYd_you2gE3Z6gyNyIIKolNpCjWJrYJk4z6i1Rq20kUyNrmlU_-Yc1b3SSqN2aQ7el4ysZ39r9ARJuU4NFJ67-oIZ8_y9d1ir13lf51JYJIlnptIZl3rhE0o4tEsRtFINbthrEg1daz1gXFP1mVxpuHlPC6tNVEYFQnuqOIuAAuZb4Ieyx4V4uOs_4DRIoAwNt9WwsMT3J6axP6mho_pUE9M__5vO8O81IU97ZPrdzUVhy8o-voyPeGv97GaEl1Z4uqlT79jzRHUd4GDYVBMNCCyBKCjFjYrptLzcxB75Tk6IHgHPiX25zicg59Q6SeG-q93y4cjB1BNqTCcQXKvXN_4tQ7fHKIK-VbHq3FdjscsLgsqUV3kQeKq39u32mX-x5-0oXmonhdYlVmsGP0t0lS82K3yAGLsQ9ghbqEofkcbByUTTutqgzKwV0TZBCVMiQUV1q7uObWB6vFFZzNSkTec7OjEdj_lDc-mm6JwJ6Ha-xBMyq0F5vC4W8VMsBlPEHelGKLNct5mLmNF8umCll8XooNv1tnDafQgYjFXSXKZsKQboHm3L1LUYLGpf0kD4U0_5GWhx5gmuoEFGjf9PgTCbqXRE7N5sV9Izh_J8xT7wSJbGfm7g9dK1JyOgRPMOmndVd_wR-kP7Wn5_7EhNnJX34jF_C_e7xZ65F5cBCB5_LfKvTN62Lyvi2QAuoQ72rLmNh-SJGm2lI5FPkRWPn8m7avugp6vx98LGJk37Lw_0o7gw2cz_bxEbp06KhKFsKjsOgTCvZeCesL4Dgcdw-903J06iAtcAUWCUnTK0LmOh-PPbJ9TiWIhC5AJ5UErAaaCQ_CnRGGAZ37L5ai68V_2W7Me9bBjSnLZOxNR23nZtWGJYHb7eOszNDR8s8cw2Jf1q2bxoh3DeWwKwjH-77d9_tRDjH4MzaOBOxBlqmVR5cvOwmODXndPHNkhyEVc_g5V40ybP7Md9BRi3_kGos9ymSlwTylAjmUSHBtdlIQ1gkvHo1pnkB5Xr80wZTm9PlQNrdGWELP3-nZJK0Likn_IPXOKfRtBBBUaa4KUSklUyqMtdl_Aj_IJRzNweUae-75W3MaAO5zRgmVnA_UiaKqCHr86xVQZ7TX24YgMiw-Reh9Kzn7gjIQc5Qs2wvwQDvHbqxp5QX2ucXQRGJIiIfTW2aktrifKC70XPsz-_wBNglCR9oZ9-sarD5VgHhlELOeVt_r1ERKrF3hkcWrRMlUc0oltC_s-BejYoVJ3AcYOSfGZyozQAsXfUmcytdVBa76rlq0XS8SpSdV3rjUjfOvPc9vhF1zd6OdMSG6JIkg6NKYTuznLURInlWxXWHIHmcrtZ2mUg51nZgdzj-pcj-Lz9inRi3FeKYJLVHq8qfUQ6IizmOoftGkjjypcQiXIqCTOaV2PaIOIGXRtveZAPwvHfO3BjTey6fnx8smr-emSSbtgr1Xr3gsw7Z1LgBiR123hEithO3aNsk5G-4Bx4fc0vPbqlZH2t9-OXec8mWEhAm8dEk8xEP0f6LBHwDOgKtALhfDrgM9QcA1hIT35tzDGFdFfZJLLjvs0p8bL9pa_y9nZyZF0pdhhJzKsTkM-jBwexk2mdFY_Gn5fO8y9g1OMW7nzsggienSVf5Lp_5ZJWlGtJDtjRfDAjtEsr3_d-ZNpfthL-KFPBH7lILMRGdKT7H9vIfFlwk3J-naZaJBdYzdEDnzJ1owch_hi6zccZBUgXYFUcDMy3JkUIG1UsemTWjst_x_V0w7np_BqAdFfznMBDQs0-YKs72IyAYUOw8lPLiaadtxy9TX775i8_CCOdbKv0kD6_FM_tq65yRL3TlkxBLBzP5L3zyO6hWS-PRNgSYIv3SAi57jGGCHYpoVGvFC4oCYzM1_k1JfbeLjNpsP269zkfU3R6BmsddZV63lNUu00E2urS8KHSiSqNNjfk4ovwmef9njavM-RO5g2KMqm75BCUND9k3Wk8SfBJM3afVk9_H0TmE58I1fiLcfj3kbVLT81iQ097m0pAbqQUuP5ajwnzgIeysJ3Qo50l7_8uplupek25cGEN75DjoKK_nYnPZ2Jsm8Ai-wMuk1Tt_KT48RhBa7GYIqvXwqnwHAODInErmHY2bpXLycv39HazjmsLLk7Bo9PPnXj3mhH4N8riRCykH7LyWOnDH6RIOI1l5yWt2zMDHJoR91LjdexOcKvYroBYr4jnTE2q_XhICKprKPpspiwO9r5aXJ5yjYkYvHQ_bWx3gG-DXEemT4LRyototApoFeqbKHfmJH7S33tu3y70xoNcf-0A_ORpiSisY2mT9sM7L7u7iInLPQkXuXFahwQCxta60HwL0KfjLP7Vo70W-5RKIj13q8_BbJvpVAThEfcPxzVS659bQ5lAmZE-egEVnrlOEqHWUEgO78u7wVR0WYCqHn7h1tJ8MEWgLlGWnQfBuO657LHy_ycnQIxSnUsj9lyJPvyqgNDZdwf3wG_9_LtpR3yVDfevUQHyNJaR6E9M6_2NKI_XmHFBYBGXgd0bOsKcsEBRINuRJNK__QgswmbcLmegL6G1LKGKnR0oZDpFrEtIT-Vw1j8TRHJsbF_A3rDYB&cid=CAASPeRo063Bfdl-MsuuAfItsxX6UOaeWcax35XtAU1wf57gLQQ8khRgPYcByJ4YvzUZSOUp1i2qOb-QUIl2qWs&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0267c1e6e4563e777984ed49dff46c4d30c624fa88c792cc6d807ce7701ad709 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12756 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7955	42 B 63 B	42ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArvoVULa4oQwVWv7jD1JlLYZvcVESxrPqMJ1aCR9Q8A8OiO86Dyf8DUVVRIbZPgl94mz_uY0xD9cb59Kr2lLmi8rZ70Gv6E5Co9pkfxo0s5j-vbQM Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	clk Show response ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302443771;gdpr=;gdpr_consent=;sz=300x250;click=https://googleads.g.doubleclick.net/dbm/ Frame 7955	43 KB 19 KB	131ms 61ms	Script text/javascript	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302443771;gdpr=;gdpr_consent=;sz=300x250;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C9RR2rR6oYI_LDqilx_APoue-wA7GwuzLYo_1nPP1DdrZHhABIPT5xiVg-4GAgIgKoAHi3dvLAsgBCakC5IA086hwtD6oAwGqBLkBT9Bjo9SlBdjSLUJgdvtZaoep7Eh7k1r6xt3iZlZfT3BWVsFQfXn0KeuQRqXdo5RJ4gUxApQOVhVHPHrks7pcka_SJw3ToLKRYGVWHj4Gv-HKFaVEExY2LHAUqr66uWI8m3T-Inj9su3ke4jpIERuZaGN9THGndc5NGJdIb8JNnt5l-Su7pyDY81SJ5HKJTOODwGO2WSDVxu9FLBjok60y9zG4FOiq5vdDjAljz73MxDCNtXGSwQZOEjABJ76v-2lA-AEA5AGAaAGTYAHhqKktAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTIxNzY5Mjg3NzA5NzMzODGACgOYCwHICwGADAGwE4TtwwvQEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASPeRo063Bfdl-MsuuAfItsxX6UOaeWcax35XtAU1wf57gLQQ8khRgPYcByJ4YvzUZSOUp1i2qOb-QUIl2qWs&sig=AOD64_2LfHCdi_deS5TXN6FNvwlGRQsm5Q&client=ca-pub-6396844742497208&dbm_c=AKAmf-DUW-71S9ru-qNIlEtfQ1PmzuPnWgQ5gq2DwUp0aBha1ipHQl4MO045rKOciDXSU8hI79MjdpBaHjEla9Mle1oxuGdQ5R7sk0F6nhUlIUYW-YC76FGMgb22ckfhZpSSZBew0N4jGoSBy7vTwrTAxkSo8auCoQ&dbm_d=AKAmf-B4WZ6JZWdHAlbCafgHEGOD_Ku9XT6u2JAAk3SJHakazo_A5D9IsomMbgcyFsfW0kTzZb-fxCGSUFtvUataNuqU1Iki53mOs1ELBuactBLcdsWRVcRdXbjG4fiVbD6gLaZpcbl8LKofRddkOJo1qxhucgTCfN740qlCzTdV1Ei1t5EB2BvvobhAvqskFBiY5OLXQHbljzuCBV1bqa_9aFyN7M-qFGPxCF3dtRqO9XmJ_uYDAEcM5gO7H5A6vPfg2r6lfOiY5R_A0rFfQLpTNQ-ST731-KkF8saXROA--090fUCGbvJ-LAA_9vfK4VY73WB9Ys8njpJyBU7p-khNOAhIEcl5gwFtKyR8QP6jJtYiHq25YO1i55-qd8hanjNOvR4D1ejgtKqJXXKDmVD7yAbqVMc2PlBwQQEdVYmzb1mmQsLrHqx9nR9XQDHtGXCbz-uZnJDP&adurl=;ord=1621630637238991;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=? Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f6.1e100.net Software cafe / Resource Hash b35461ef4bef79f5c15adb7dc2cc50d7889f4460a4911be81408e7bbd197dee0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19110 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 7955	2 KB 1 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:30 GMT content-encoding gzip x-content-type-options nosniff age 227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:30 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7955	118 KB 36 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621424119306032" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36804 x-xss-protection 0 expires Fri, 21 May 2021 20:57:17 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 7955	13 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:38 GMT content-encoding gzip x-content-type-options nosniff age 219 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:38 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 291C	624 B 299 B	24ms 23ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuv7QEQiMLvARixvtqpATAB&v=APEucNXUdFTWy8u1ljGagrq7mZhDrCmfffhnrRnd-LZQ_7EPVy2NbdnOLD0jjkrbJLGzYdfKSfz2b9TUkAFEnhb6wJquVb4KimUrDyPDRIcfDZiZLV9dYGVkIY68lUvCWHTeBL0If0608yj3wULS5KhOQ9NmJvF9KUiZsXj8rwhhdT_Q4srZmLz_JEXeGIEOZn5uVTA4lA8aob3h38FlvwryMZ5HUvscB7ApZAEJrZenWsx3Xqhf77Q Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CIuv7QEQiMLvARixvtqpATAB&v=APEucNXUdFTWy8u1ljGagrq7mZhDrCmfffhnrRnd-LZQ_7EPVy2NbdnOLD0jjkrbJLGzYdfKSfz2b9TUkAFEnhb6wJquVb4KimUrDyPDRIcfDZiZLV9dYGVkIY68lUvCWHTeBL0If0608yj3wULS5KhOQ9NmJvF9KUiZsXj8rwhhdT_Q4srZmLz_JEXeGIEOZn5uVTA4lA8aob3h38FlvwryMZ5HUvscB7ApZAEJrZenWsx3Xqhf77Q pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUnMZHnnyiBHBb7C-F5TihmRmDPho5KNgKaHmbuBsS2_MdocAoRPqWtZHwelBeY; test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 20:57:17 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 21 May 2021 20:57:17 GMT
GET H3-29	200	abg_lite_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame B74B	17 KB 7 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:51:42 GMT content-encoding gzip x-content-type-options nosniff age 335 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7009 x-xss-protection 0 server cafe etag 607056201285360291 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:51:42 GMT
GET H3-29	200	omrhp_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame B74B	6 KB 3 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp_fy2019.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:29:42 GMT content-encoding gzip x-content-type-options nosniff age 1655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2661 x-xss-protection 0 server cafe etag 7752240862628680351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:29:42 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B74B	0 575 B	141ms 74ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBb1lVzwTKMRlx96dl5KD4y0aOGBYHHdN-gZx_d-dLMxDNAvQK-VwIk2jUSTHpq88zDYOzooKqo00jiKZmiw_wooVTFdL-teVMUmYy2f75VEpMXfaYkFC67iF7-GZbP1J_I1Kwwl0hBFvRCeWBnUlDmv2RkSf0hlZjImmDPScVP8sP0dn2Tp0XFxnU0byNoCqaVILCHh9TDcUhd8YRtevlULbwhYzeGIsDCgXwaHUGj6LBxzGtnsZ2679nujYeFXq2b8OPpBQzVLdkTqku7Ds7cGE6VA4IbpQ6o-cUr4Kxer6R0QN7P-173KRXHR3_1hboGa4lrkCFxa5TWhHFQlY4ljZy9Sb4FU74GFAAP6XXKsbN39KSZquFlan1eux6jCQ_67GUBd4MitkFuSQUGkTWPGXExtXne2VFwCEw9ZO2-muQ21KhRtiuWrrwOycwM68WW1G2QpW1mGpMCVzlu5uPEkjNOIriWTYMBOfpYrzvTS1LSh0bIXvaFHeeraNaVKYUfcH9rp5J2hV3uNYh4D2ANuSeCXmz12Geje3vLnMmpkRcYWZCt1RviIQvt2Vdj_vt_pqwEtfTwxZ3FwnFdX9lmy5Srx8lBhsa1sErkSpP8qRoUKskbO0vWX1-pPIV3iHTPSOIHE4bxtEVQ5xfT2049d7AmqT13jEzXb-fej9qelmOhtJSa1lGM_R79QWAqHQwkxh0ucuwroXurVQAAATQeP9ZlBGwrbzQPRTklG7PWZN8p3Qc31IdyMoAMttU4s7NqchLY1gqSHwu8vJS9astW5eexpjLybpNXlr6U_XtVVKFWr4KivWeIz_Jw4fCP1dy8S3TTBqm1BTO6LZhdQtq1-QRV86smpmG86xNTP9HwFeWvTzYnPuC88Of5IpeTIaBbDEWqFDk0jiu35i08BZqbTMgmXfIwyjm3SlOpMB1eD1eG-KJusNZmJijqfxCpsuiajQVX3a6t8tNPjgeK4UH9iaOABc8NzxugQnPNrSW6sPcgF1IhxcGRySg6D4fiynHcJ5JMzr_Vdu3PARAJ52GFb4Zv9Q9QSkGiGcP6KHvXe5q2W_kXlCPGjqByvRQeD1c_8gdAQjNXEMaG1itJizUCpcvT_hQwRp-mTPcUg&sai=AMfl-YSZKAPknIZJ962GltTNY7deLk_QSF04rEY1gG5zaIiDugQqI_FgCw-Qc16FTsckwUFRb3__Ypuj8IYZYdoj0o95qU559Uu7jTU03x72y_psiFKfTaTtXeM93NE8EqGU9VorCgXrZWEsJT3wtopS5nStxvSnZDf5r58zCFO620uuGR6hsemEYycmD0-odEXD-sRiegk5L99RofGG3gaV5f2f4vqK_TrbcOU8wWCYCV4RpJiUmyeD74usSwiZ524x141-WF8E8fFY2b8wz33HqHMlJyyiVKa828wXsuGigRylZwm9nXhTl0s9UEMNZueSZrioXzykqVTTOBCR0rG8ozIZB8JLeNZPSODqmBMyNG_m5-UdnfCwRYi_oDJ0uYVOYB1NZNp3&sig=Cg0ArKJSzH-mk5_6ZdadEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210517.72184&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 21 May 2021 20:57:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B74B	41 KB 15 KB	14ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 15030 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B74B	42 B 63 B	47ms 38ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6EzjFJloJU2-R-qiHFjDLAEf3loFuwF_BnEMoxe0_40qu85tdrJvSB0VvaF0-og2BFWTky71XI8-0bLRvhugA7txOdzuMIK8mIrc4yEd49fTdm04 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tfav_adl_434.js Show response j.adlooxtracking.com/ads/js/ Frame B74B	41 KB 41 KB	41ms 34ms	Script application/javascript	37.59.24.120 OVH
General Check archive.org Show headers Download Go to Full URL https://j.adlooxtracking.com/ads/js/tfav_adl_434.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 37.59.24.120 , France, ASN16276 (OVH, FR), Reverse DNS js02.adlooxtracking.com Software nginx/1.15.8 / Resource Hash 037e5d57975a776478c338424556bca1da94077918564ad8737170d997113267 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 21 May 2021 20:57:17 GMT Last-Modified Mon, 26 Apr 2021 09:33:07 GMT Server nginx/1.15.8 ETag "608688d3-a2c9" Content-Type application/javascript Cache-Control no-cache, max-age=60 Connection keep-alive Accept-Ranges bytes Content-Length 41673
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame B74B	2 KB 1 KB	12ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:30 GMT content-encoding gzip x-content-type-options nosniff age 227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:30 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B74B	118 KB 36 KB	24ms 19ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:17 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621424119306032" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36804 x-xss-protection 0 expires Fri, 21 May 2021 20:57:17 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame B74B	13 KB 6 KB	13ms 9ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:38 GMT content-encoding gzip x-content-type-options nosniff age 219 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:38 GMT
GET H2	200	955740490733088872 s0.2mdn.net/simgad/ Frame B74B	42 KB 42 KB	39ms 7ms	Image image/gif	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/955740490733088872 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6acfebc7ff26175fa72b7e73473221ce2404b87029d8ae0ee6941616463efbc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 17 May 2021 11:05:24 GMT x-content-type-options nosniff age 381113 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42877 x-xss-protection 0 last-modified Mon, 17 May 2021 09:48:04 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 17 May 2022 11:05:24 GMT
GET H2	200	300x250.css d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/ Frame 8BBC	3 KB 1 KB	26ms 19ms	Stylesheet text/css	2600:9000:2156:2a00:2:39c7:7a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/300x250.css Requested by Host: d3ccpshcqv1crs.cloudfront.net URL: https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:2:39c7:7a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash db5e4ed4f420e259ce10f9e7cfd19d2bc6fa247600898942067e98065283116a Request headers Referer https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:22:00 GMT content-encoding gzip last-modified Tue, 13 Apr 2021 07:47:39 GMT server AmazonS3 age 48918 etag W/"c1d88b77ab9a055fc480e7f812599d1f" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id NtfduHTFYxOiCaNWGqtmuzOjSvWtN16ZYLEz0GOCyg-rdKnwzx87cQ==
GET H2	200	temps_1.png d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/assets/ Frame 8BBC	56 KB 57 KB	24ms 19ms	Image image/png	2600:9000:2156:2a00:2:39c7:7a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/assets/temps_1.png Requested by Host: d3ccpshcqv1crs.cloudfront.net URL: https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:2:39c7:7a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bab8b2e09ef030859ad68fb6d540c15cdf1270b3158314512169aca5d3e8b08a Request headers Referer https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:01 GMT via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) last-modified Tue, 13 Apr 2021 07:47:39 GMT server AmazonS3 age 26477 etag "80a06cc3424dd93f4c233808e3458b64" x-amz-meta-sha256 bab8b2e09ef030859ad68fb6d540c15cdf1270b3158314512169aca5d3e8b08a content-type image/png x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 57788 x-amz-cf-id dqqV9aDivGMlU6rt7KS9ZC4q7IoJRU_QcVcxf4I3civQ1S6WYZdfeQ== x-amz-meta-s3b-last-modified 20200707T124623Z
GET H2	200	logo.png d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/ Frame 8BBC	48 KB 49 KB	23ms 18ms	Image image/png	2600:9000:2156:2a00:2:39c7:7a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/logo.png Requested by Host: d3ccpshcqv1crs.cloudfront.net URL: https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:2:39c7:7a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0d28a41e2b3008a6cc27ac989337e20cd88f79b22e2a76aa8e0e23134df37fa Request headers Referer https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 01:25:07 GMT via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) last-modified Tue, 13 Apr 2021 07:46:28 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1556111485/ctime:1560760400/gid:1000/gname:floflo/md5:719a49f1fad9c9d5fef27a3a39e6aa41/mode:33188/mtime:1556111485/uid:1000/uname:floflo age 70982 etag "719a49f1fad9c9d5fef27a3a39e6aa41" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 49363 x-amz-cf-id ttjqAQT1g9QcMXDkVnTpPpRQnuQM-agW2cs_SM_mJn1W9-JlHUNyvg==
GET H2	200	main.js Show response d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/ Frame 8BBC	2 KB 1 KB	23ms 19ms	Script application/x-javascript	2600:9000:2156:2a00:2:39c7:7a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/main.js Requested by Host: d3ccpshcqv1crs.cloudfront.net URL: https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:2:39c7:7a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 04ddd7212efb6405e46bdff0c4154d0f02fc45d069be55424cbe2baac3b4fd5d Request headers Referer https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:00 GMT content-encoding gzip last-modified Tue, 13 Apr 2021 07:46:28 GMT server AmazonS3 x-amz-meta-s3cmd-attrs atime:1556111485/ctime:1560760400/gid:1000/gname:floflo/md5:e3d80458dbf5145bdc4f4f171e6ba2ee/mode:33188/mtime:1556111485/uid:1000/uname:floflo age 26477 etag W/"e3d80458dbf5145bdc4f4f171e6ba2ee" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id 92V_fp1BIubwTtgkd27MzmPry3Y26OOfc7s5ew6SelbN4os_q1ayKQ==
GET H2	200	animation_standard.js Show response d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/ Frame 8BBC	928 B 1 KB	23ms 18ms	Script application/javascript	2600:9000:2156:2a00:2:39c7:7a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/animation_standard.js Requested by Host: d3ccpshcqv1crs.cloudfront.net URL: https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:2:39c7:7a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b8089fcf01ad474d1f04f5c138cbcccda3cb18f6802d978187b516f6fa8eadb7 Request headers Referer https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 22:05:00 GMT via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) last-modified Tue, 13 Apr 2021 07:46:27 GMT server AmazonS3 age 82338 etag "acf131d55847fedcb298adec9c540092" x-amz-meta-sha256 b8089fcf01ad474d1f04f5c138cbcccda3cb18f6802d978187b516f6fa8eadb7 content-type application/javascript x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 928 x-amz-cf-id gJfFSsE5e8RKgS9ubR3GYHZyALblYBxG8OF360TacAIN6yrliTcRlA== x-amz-meta-s3b-last-modified 20200416T085703Z
GET DATA	200 OK	truncated / Frame 8BBC	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d02b8f4fc9f8a17d2e6b5d6ba2fb033846795fc428c85e87cef9d78a19374b26 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ic5.php Show response data00.adlooxtracking.com/ads/ Frame 1E69	1 B 454 B	98ms 40ms	XHR text/plain	35.241.31.249 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data00.adlooxtracking.com/ads/ic5.php?adloox_io=1&seq=0&campagne=44&banniere=0&plat=2&adloox_transaction_id=null&bp=&visite_id=9189325089&client=1000mercis&ctitle=&os=&navigateur=&appname=Netscape&timezone=-120&fai=frame%20without%20title&data=-813568601ttttttttffffffttttftffffffffttttf&js=tfav_adl_44.js&commitid=a661c72&fw=1&version=1&iframe=1&hadnxs=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&url_referrer=https%3A%2F%2Ftrovas.ch%2F&resolution=1600x1200&nb_cpu=12&nav_lang=en-US&date_regen=2021-04-21%2008%3A16%3A30&debug=6%3A%20top%20%21%3D%20window%20-%3E%20document.referrer%20https%3A%2F%2F496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2Ftrovas.ch&fake=000000&popup_history=9&popup_visible=true&type_crea=2&tagid=162&popup_menubar=true&popup_locationbar=true&popup_personalbar=true&popup_scrollbars=true&popup_statusbar=true&popup_toolbar=true&id11=display&id1=1&id2=19995983&id3=346498906&id4=3026445&id5=https%3A%2F%2Ftrovas.ch%2F&id6=https%3A%2F%2Ftrovas.ch%2F&id20=a661c72 Requested by Host: j.adlooxtracking.com URL: https://j.adlooxtracking.com/ads/js/tfav_adl_44.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 249.31.241.35.bc.googleusercontent.com Software nginx/1.19.8 / PHP/7.4.19 Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:18 GMT content-encoding gzip access-control-allow-origin https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com x-powered-by PHP/7.4.19 route ads-prod-68c5cc8796-wqj52 alt-svc clear pragma no-cache server nginx/1.19.8 vary Accept-Encoding accept-ch-lifetime 86400 content-type text/plain; charset=utf-8 via 1.1 google cache-control no-cache, no-store, must-revalidate accept-ch UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile timing-allow-origin * expires 0
GET H2	200	fixture.json Show response d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/ Frame 8BBC	371 B 792 B	8ms 7ms	XHR application/octet-stream	2600:9000:2156:2a00:2:39c7:7a00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/fixture.json Requested by Host: d3ccpshcqv1crs.cloudfront.net URL: https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:2a00:2:39c7:7a00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 99e7b774c0bc06c17a48eeb0e66b60b6927473b3f9011990230a1c507c207da1 Request headers Referer https://d3ccpshcqv1crs.cloudfront.net/old/3679842/2019_fil_rouge_template_json/2_TRAV_MENS/300x250/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 03:25:38 GMT via 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront) last-modified Tue, 13 Apr 2021 07:47:45 GMT server AmazonS3 age 63113 etag "c2a49d7572cd5bc7935d91ef5b54e9fd" x-amz-meta-sha256 99e7b774c0bc06c17a48eeb0e66b60b6927473b3f9011990230a1c507c207da1 content-type application/octet-stream x-cache Hit from cloudfront x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 371 x-amz-cf-id 2rZqWIW6UzDXLg57WfsF9MvS-DltK-y1fddSaIc6F0sLdSaAVKjnrA== x-amz-meta-s3b-last-modified 20210411T225400Z
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 7955	22 KB 8 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duzpfevt_8DKSe502yjgvD_3kng5Ld_xkA0D4t1POy65xIuApAVItF-FmYewDMupzI6CU-tJ8izOfCk-6ee4GpFC5EO0mWJcwxBcRgT3huUt9pdxswY0Ja2UdOTOrQ7vnKPAWslouK4Sf8KhkIE-l2rFuBnA&dbm_d=AKAmf-BI0poZFJ71sX7_NAbz_fztL3KaiECyGqwZR5Lb6CeUTFanvc-Cp37lcl-s3XINRhousfZcuz8AywdI4rbAR61yIoMtuOdfWUWQJgdtjkNo4CRvUCno-ngiP3nqhrmBLOsF99HN5JzB8NUAss6412unQrIB0JxWcY9l28CXTK23Vc_U11GBDpUYBuH5LmivQ7EkfVo2wuEmLHAQVt9AkBBFGDwSlhXF2a_rGDP0GyesC_ZjU4IgOqFxQeQPA1MK2e_8vVeGn8hC8rwQ5BgOq9sOnhIvfnuTRHOhPqsWo0-e7rS4l3ZVglcSWzTLn--S1KOSudPxSXgqdGieXvjLKNnCH3VyLHwpK88jz_X3RFT4Yk2RGlhOkeaawfnee80OyXir4hd1GlZtzdsjvC-nHUc1ZVRuSkQtO9Dj_8aFupdc6spBNlNBqEolCJQkIEP8pI_bFDsiq8P4OuMuzeLbnTSLAXnKcQXl4Zf6BOZ2R9TJRhpwjhk6QDRv23iSxDkgyT3L56vMu6aFRcny_2KIVMScJ9Gji4po_NNYd_you2gE3Z6gyNyIIKolNpCjWJrYJk4z6i1Rq20kUyNrmlU_-Yc1b3SSqN2aQ7el4ysZ39r9ARJuU4NFJ67-oIZ8_y9d1ir13lf51JYJIlnptIZl3rhE0o4tEsRtFINbthrEg1daz1gXFP1mVxpuHlPC6tNVEYFQnuqOIuAAuZb4Ieyx4V4uOs_4DRIoAwNt9WwsMT3J6axP6mho_pUE9M__5vO8O81IU97ZPrdzUVhy8o-voyPeGv97GaEl1Z4uqlT79jzRHUd4GDYVBMNCCyBKCjFjYrptLzcxB75Tk6IHgHPiX25zicg59Q6SeG-q93y4cjB1BNqTCcQXKvXN_4tQ7fHKIK-VbHq3FdjscsLgsqUV3kQeKq39u32mX-x5-0oXmonhdYlVmsGP0t0lS82K3yAGLsQ9ghbqEofkcbByUTTutqgzKwV0TZBCVMiQUV1q7uObWB6vFFZzNSkTec7OjEdj_lDc-mm6JwJ6Ha-xBMyq0F5vC4W8VMsBlPEHelGKLNct5mLmNF8umCll8XooNv1tnDafQgYjFXSXKZsKQboHm3L1LUYLGpf0kD4U0_5GWhx5gmuoEFGjf9PgTCbqXRE7N5sV9Izh_J8xT7wSJbGfm7g9dK1JyOgRPMOmndVd_wR-kP7Wn5_7EhNnJX34jF_C_e7xZ65F5cBCB5_LfKvTN62Lyvi2QAuoQ72rLmNh-SJGm2lI5FPkRWPn8m7avugp6vx98LGJk37Lw_0o7gw2cz_bxEbp06KhKFsKjsOgTCvZeCesL4Dgcdw-903J06iAtcAUWCUnTK0LmOh-PPbJ9TiWIhC5AJ5UErAaaCQ_CnRGGAZ37L5ai68V_2W7Me9bBjSnLZOxNR23nZtWGJYHb7eOszNDR8s8cw2Jf1q2bxoh3DeWwKwjH-77d9_tRDjH4MzaOBOxBlqmVR5cvOwmODXndPHNkhyEVc_g5V40ybP7Md9BRi3_kGos9ymSlwTylAjmUSHBtdlIQ1gkvHo1pnkB5Xr80wZTm9PlQNrdGWELP3-nZJK0Likn_IPXOKfRtBBBUaa4KUSklUyqMtdl_Aj_IJRzNweUae-75W3MaAO5zRgmVnA_UiaKqCHr86xVQZ7TX24YgMiw-Reh9Kzn7gjIQc5Qs2wvwQDvHbqxp5QX2ucXQRGJIiIfTW2aktrifKC70XPsz-_wBNglCR9oZ9-sarD5VgHhlELOeVt_r1ERKrF3hkcWrRMlUc0oltC_s-BejYoVJ3AcYOSfGZyozQAsXfUmcytdVBa76rlq0XS8SpSdV3rjUjfOvPc9vhF1zd6OdMSG6JIkg6NKYTuznLURInlWxXWHIHmcrtZ2mUg51nZgdzj-pcj-Lz9inRi3FeKYJLVHq8qfUQ6IizmOoftGkjjypcQiXIqCTOaV2PaIOIGXRtveZAPwvHfO3BjTey6fnx8smr-emSSbtgr1Xr3gsw7Z1LgBiR123hEithO3aNsk5G-4Bx4fc0vPbqlZH2t9-OXec8mWEhAm8dEk8xEP0f6LBHwDOgKtALhfDrgM9QcA1hIT35tzDGFdFfZJLLjvs0p8bL9pa_y9nZyZF0pdhhJzKsTkM-jBwexk2mdFY_Gn5fO8y9g1OMW7nzsggienSVf5Lp_5ZJWlGtJDtjRfDAjtEsr3_d-ZNpfthL-KFPBH7lILMRGdKT7H9vIfFlwk3J-naZaJBdYzdEDnzJ1owch_hi6zccZBUgXYFUcDMy3JkUIG1UsemTWjst_x_V0w7np_BqAdFfznMBDQs0-YKs72IyAYUOw8lPLiaadtxy9TX775i8_CCOdbKv0kD6_FM_tq65yRL3TlkxBLBzP5L3zyO6hWS-PRNgSYIv3SAi57jGGCHYpoVGvFC4oCYzM1_k1JfbeLjNpsP269zkfU3R6BmsddZV63lNUu00E2urS8KHSiSqNNjfk4ovwmef9njavM-RO5g2KMqm75BCUND9k3Wk8SfBJM3afVk9_H0TmE58I1fiLcfj3kbVLT81iQ097m0pAbqQUuP5ajwnzgIeysJ3Qo50l7_8uplupek25cGEN75DjoKK_nYnPZ2Jsm8Ai-wMuk1Tt_KT48RhBa7GYIqvXwqnwHAODInErmHY2bpXLycv39HazjmsLLk7Bo9PPnXj3mhH4N8riRCykH7LyWOnDH6RIOI1l5yWt2zMDHJoR91LjdexOcKvYroBYr4jnTE2q_XhICKprKPpspiwO9r5aXJ5yjYkYvHQ_bWx3gG-DXEemT4LRyototApoFeqbKHfmJH7S33tu3y70xoNcf-0A_ORpiSisY2mT9sM7L7u7iInLPQkXuXFahwQCxta60HwL0KfjLP7Vo70W-5RKIj13q8_BbJvpVAThEfcPxzVS659bQ5lAmZE-egEVnrlOEqHWUEgO78u7wVR0WYCqHn7h1tJ8MEWgLlGWnQfBuO657LHy_ycnQIxSnUsj9lyJPvyqgNDZdwf3wG_9_LtpR3yVDfevUQHyNJaR6E9M6_2NKI_XmHFBYBGXgd0bOsKcsEBRINuRJNK__QgswmbcLmegL6G1LKGKnR0oZDpFrEtIT-Vw1j8TRHJsbF_A3rDYB&cid=CAASPeRo063Bfdl-MsuuAfItsxX6UOaeWcax35XtAU1wf57gLQQ8khRgPYcByJ4YvzUZSOUp1i2qOb-QUIl2qWs&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:52:33 GMT content-encoding gzip x-content-type-options nosniff age 285 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:52:33 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 7955	41 KB 15 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Duzpfevt_8DKSe502yjgvD_3kng5Ld_xkA0D4t1POy65xIuApAVItF-FmYewDMupzI6CU-tJ8izOfCk-6ee4GpFC5EO0mWJcwxBcRgT3huUt9pdxswY0Ja2UdOTOrQ7vnKPAWslouK4Sf8KhkIE-l2rFuBnA&dbm_d=AKAmf-BI0poZFJ71sX7_NAbz_fztL3KaiECyGqwZR5Lb6CeUTFanvc-Cp37lcl-s3XINRhousfZcuz8AywdI4rbAR61yIoMtuOdfWUWQJgdtjkNo4CRvUCno-ngiP3nqhrmBLOsF99HN5JzB8NUAss6412unQrIB0JxWcY9l28CXTK23Vc_U11GBDpUYBuH5LmivQ7EkfVo2wuEmLHAQVt9AkBBFGDwSlhXF2a_rGDP0GyesC_ZjU4IgOqFxQeQPA1MK2e_8vVeGn8hC8rwQ5BgOq9sOnhIvfnuTRHOhPqsWo0-e7rS4l3ZVglcSWzTLn--S1KOSudPxSXgqdGieXvjLKNnCH3VyLHwpK88jz_X3RFT4Yk2RGlhOkeaawfnee80OyXir4hd1GlZtzdsjvC-nHUc1ZVRuSkQtO9Dj_8aFupdc6spBNlNBqEolCJQkIEP8pI_bFDsiq8P4OuMuzeLbnTSLAXnKcQXl4Zf6BOZ2R9TJRhpwjhk6QDRv23iSxDkgyT3L56vMu6aFRcny_2KIVMScJ9Gji4po_NNYd_you2gE3Z6gyNyIIKolNpCjWJrYJk4z6i1Rq20kUyNrmlU_-Yc1b3SSqN2aQ7el4ysZ39r9ARJuU4NFJ67-oIZ8_y9d1ir13lf51JYJIlnptIZl3rhE0o4tEsRtFINbthrEg1daz1gXFP1mVxpuHlPC6tNVEYFQnuqOIuAAuZb4Ieyx4V4uOs_4DRIoAwNt9WwsMT3J6axP6mho_pUE9M__5vO8O81IU97ZPrdzUVhy8o-voyPeGv97GaEl1Z4uqlT79jzRHUd4GDYVBMNCCyBKCjFjYrptLzcxB75Tk6IHgHPiX25zicg59Q6SeG-q93y4cjB1BNqTCcQXKvXN_4tQ7fHKIK-VbHq3FdjscsLgsqUV3kQeKq39u32mX-x5-0oXmonhdYlVmsGP0t0lS82K3yAGLsQ9ghbqEofkcbByUTTutqgzKwV0TZBCVMiQUV1q7uObWB6vFFZzNSkTec7OjEdj_lDc-mm6JwJ6Ha-xBMyq0F5vC4W8VMsBlPEHelGKLNct5mLmNF8umCll8XooNv1tnDafQgYjFXSXKZsKQboHm3L1LUYLGpf0kD4U0_5GWhx5gmuoEFGjf9PgTCbqXRE7N5sV9Izh_J8xT7wSJbGfm7g9dK1JyOgRPMOmndVd_wR-kP7Wn5_7EhNnJX34jF_C_e7xZ65F5cBCB5_LfKvTN62Lyvi2QAuoQ72rLmNh-SJGm2lI5FPkRWPn8m7avugp6vx98LGJk37Lw_0o7gw2cz_bxEbp06KhKFsKjsOgTCvZeCesL4Dgcdw-903J06iAtcAUWCUnTK0LmOh-PPbJ9TiWIhC5AJ5UErAaaCQ_CnRGGAZ37L5ai68V_2W7Me9bBjSnLZOxNR23nZtWGJYHb7eOszNDR8s8cw2Jf1q2bxoh3DeWwKwjH-77d9_tRDjH4MzaOBOxBlqmVR5cvOwmODXndPHNkhyEVc_g5V40ybP7Md9BRi3_kGos9ymSlwTylAjmUSHBtdlIQ1gkvHo1pnkB5Xr80wZTm9PlQNrdGWELP3-nZJK0Likn_IPXOKfRtBBBUaa4KUSklUyqMtdl_Aj_IJRzNweUae-75W3MaAO5zRgmVnA_UiaKqCHr86xVQZ7TX24YgMiw-Reh9Kzn7gjIQc5Qs2wvwQDvHbqxp5QX2ucXQRGJIiIfTW2aktrifKC70XPsz-_wBNglCR9oZ9-sarD5VgHhlELOeVt_r1ERKrF3hkcWrRMlUc0oltC_s-BejYoVJ3AcYOSfGZyozQAsXfUmcytdVBa76rlq0XS8SpSdV3rjUjfOvPc9vhF1zd6OdMSG6JIkg6NKYTuznLURInlWxXWHIHmcrtZ2mUg51nZgdzj-pcj-Lz9inRi3FeKYJLVHq8qfUQ6IizmOoftGkjjypcQiXIqCTOaV2PaIOIGXRtveZAPwvHfO3BjTey6fnx8smr-emSSbtgr1Xr3gsw7Z1LgBiR123hEithO3aNsk5G-4Bx4fc0vPbqlZH2t9-OXec8mWEhAm8dEk8xEP0f6LBHwDOgKtALhfDrgM9QcA1hIT35tzDGFdFfZJLLjvs0p8bL9pa_y9nZyZF0pdhhJzKsTkM-jBwexk2mdFY_Gn5fO8y9g1OMW7nzsggienSVf5Lp_5ZJWlGtJDtjRfDAjtEsr3_d-ZNpfthL-KFPBH7lILMRGdKT7H9vIfFlwk3J-naZaJBdYzdEDnzJ1owch_hi6zccZBUgXYFUcDMy3JkUIG1UsemTWjst_x_V0w7np_BqAdFfznMBDQs0-YKs72IyAYUOw8lPLiaadtxy9TX775i8_CCOdbKv0kD6_FM_tq65yRL3TlkxBLBzP5L3zyO6hWS-PRNgSYIv3SAi57jGGCHYpoVGvFC4oCYzM1_k1JfbeLjNpsP269zkfU3R6BmsddZV63lNUu00E2urS8KHSiSqNNjfk4ovwmef9njavM-RO5g2KMqm75BCUND9k3Wk8SfBJM3afVk9_H0TmE58I1fiLcfj3kbVLT81iQ097m0pAbqQUuP5ajwnzgIeysJ3Qo50l7_8uplupek25cGEN75DjoKK_nYnPZ2Jsm8Ai-wMuk1Tt_KT48RhBa7GYIqvXwqnwHAODInErmHY2bpXLycv39HazjmsLLk7Bo9PPnXj3mhH4N8riRCykH7LyWOnDH6RIOI1l5yWt2zMDHJoR91LjdexOcKvYroBYr4jnTE2q_XhICKprKPpspiwO9r5aXJ5yjYkYvHQ_bWx3gG-DXEemT4LRyototApoFeqbKHfmJH7S33tu3y70xoNcf-0A_ORpiSisY2mT9sM7L7u7iInLPQkXuXFahwQCxta60HwL0KfjLP7Vo70W-5RKIj13q8_BbJvpVAThEfcPxzVS659bQ5lAmZE-egEVnrlOEqHWUEgO78u7wVR0WYCqHn7h1tJ8MEWgLlGWnQfBuO657LHy_ycnQIxSnUsj9lyJPvyqgNDZdwf3wG_9_LtpR3yVDfevUQHyNJaR6E9M6_2NKI_XmHFBYBGXgd0bOsKcsEBRINuRJNK__QgswmbcLmegL6G1LKGKnR0oZDpFrEtIT-Vw1j8TRHJsbF_A3rDYB&cid=CAASPeRo063Bfdl-MsuuAfItsxX6UOaeWcax35XtAU1wf57gLQQ8khRgPYcByJ4YvzUZSOUp1i2qOb-QUIl2qWs&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 15031 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame B74B	0 23 B	103ms 66ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBb1lVzwTKMRlx96dl5KD4y0aOGBYHHdN-gZx_d-dLMxDNAvQK-VwIk2jUSTHpq88zDYOzooKqo00jiKZmiw_wooVTFdL-teVMUmYy2f75VEpMXfaYkFC67iF7-GZbP1J_I1Kwwl0hBFvRCeWBnUlDmv2RkSf0hlZjImmDPScVP8sP0dn2Tp0XFxnU0byNoCqaVILCHh9TDcUhd8YRtevlULbwhYzeGIsDCgXwaHUGj6LBxzGtnsZ2679nujYeFXq2b8OPpBQzVLdkTqku7Ds7cGE6VA4IbpQ6o-cUr4Kxer6R0QN7P-173KRXHR3_1hboGa4lrkCFxa5TWhHFQlY4ljZy9Sb4FU74GFAAP6XXKsbN39KSZquFlan1eux6jCQ_67GUBd4MitkFuSQUGkTWPGXExtXne2VFwCEw9ZO2-muQ21KhRtiuWrrwOycwM68WW1G2QpW1mGpMCVzlu5uPEkjNOIriWTYMBOfpYrzvTS1LSh0bIXvaFHeeraNaVKYUfcH9rp5J2hV3uNYh4D2ANuSeCXmz12Geje3vLnMmpkRcYWZCt1RviIQvt2Vdj_vt_pqwEtfTwxZ3FwnFdX9lmy5Srx8lBhsa1sErkSpP8qRoUKskbO0vWX1-pPIV3iHTPSOIHE4bxtEVQ5xfT2049d7AmqT13jEzXb-fej9qelmOhtJSa1lGM_R79QWAqHQwkxh0ucuwroXurVQAAATQeP9ZlBGwrbzQPRTklG7PWZN8p3Qc31IdyMoAMttU4s7NqchLY1gqSHwu8vJS9astW5eexpjLybpNXlr6U_XtVVKFWr4KivWeIz_Jw4fCP1dy8S3TTBqm1BTO6LZhdQtq1-QRV86smpmG86xNTP9HwFeWvTzYnPuC88Of5IpeTIaBbDEWqFDk0jiu35i08BZqbTMgmXfIwyjm3SlOpMB1eD1eG-KJusNZmJijqfxCpsuiajQVX3a6t8tNPjgeK4UH9iaOABc8NzxugQnPNrSW6sPcgF1IhxcGRySg6D4fiynHcJ5JMzr_Vdu3PARAJ52GFb4Zv9Q9QSkGiGcP6KHvXe5q2W_kXlCPGjqByvRQeD1c_8gdAQjNXEMaG1itJizUCpcvT_hQwRp-mTPcUg&sai=AMfl-YSZKAPknIZJ962GltTNY7deLk_QSF04rEY1gG5zaIiDugQqI_FgCw-Qc16FTsckwUFRb3__Ypuj8IYZYdoj0o95qU559Uu7jTU03x72y_psiFKfTaTtXeM93NE8EqGU9VorCgXrZWEsJT3wtopS5nStxvSnZDf5r58zCFO620uuGR6hsemEYycmD0-odEXD-sRiegk5L99RofGG3gaV5f2f4vqK_TrbcOU8wWCYCV4RpJiUmyeD74usSwiZ524x141-WF8E8fFY2b8wz33HqHMlJyyiVKa828wXsuGigRylZwm9nXhTl0s9UEMNZueSZrioXzykqVTTOBCR0rG8ozIZB8JLeNZPSODqmBMyNG_m5-UdnfCwRYi_oDJ0uYVOYB1NZNp3&sig=Cg0ArKJSzH-mk5_6ZdadEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&vt=11&dtpt=210&dett=2&cstd=0&cisv=r20210517.72184&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 767A	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7651 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame B74B	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ed15cbcdd133ac3dd3ea0ef418de8281523b2e453924d19aad8b91f1adda3fb Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 291C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1	43 B 1014 B	82ms 49ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuv7QEQiMLvARixvtqpATAB&v=APEucNXUdFTWy8u1ljGagrq7mZhDrCmfffhnrRnd-LZQ_7EPVy2NbdnOLD0jjkrbJLGzYdfKSfz2b9TUkAFEnhb6wJquVb4KimUrDyPDRIcfDZiZLV9dYGVkIY68lUvCWHTeBL0If0608yj3wULS5KhOQ9NmJvF9KUiZsXj8rwhhdT_Q4srZmLz_JEXeGIEOZn5uVTA4lA8aob3h38FlvwryMZ5HUvscB7ApZAEJrZenWsx3Xqhf77Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 20:57:18 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 291C Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgerQoXRWbAfy0KPqlXcgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1	43 B 894 B	45ms 44ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuv7QEQiMLvARixvtqpATAB&v=APEucNXUdFTWy8u1ljGagrq7mZhDrCmfffhnrRnd-LZQ_7EPVy2NbdnOLD0jjkrbJLGzYdfKSfz2b9TUkAFEnhb6wJquVb4KimUrDyPDRIcfDZiZLV9dYGVkIY68lUvCWHTeBL0If0608yj3wULS5KhOQ9NmJvF9KUiZsXj8rwhhdT_Q4srZmLz_JEXeGIEOZn5uVTA4lA8aob3h38FlvwryMZ5HUvscB7ApZAEJrZenWsx3Xqhf77Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 20:57:18 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 291C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1	43 B 1023 B	30ms 29ms	Image image/gif	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuv7QEQiMLvARixvtqpATAB&v=APEucNXUdFTWy8u1ljGagrq7mZhDrCmfffhnrRnd-LZQ_7EPVy2NbdnOLD0jjkrbJLGzYdfKSfz2b9TUkAFEnhb6wJquVb4KimUrDyPDRIcfDZiZLV9dYGVkIY68lUvCWHTeBL0If0608yj3wULS5KhOQ9NmJvF9KUiZsXj8rwhhdT_Q4srZmLz_JEXeGIEOZn5uVTA4lA8aob3h38FlvwryMZ5HUvscB7ApZAEJrZenWsx3Xqhf77Q Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT X-Proxy-Origin 82.102.18.235; 82.102.18.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.140:80 AN-X-Request-Uuid 2e3f622e-a274-4776-996a-2818ca90c03f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 291C Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D	170 B 188 B	39ms 38ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuv7QEQiMLvARixvtqpATAB&v=APEucNXUdFTWy8u1ljGagrq7mZhDrCmfffhnrRnd-LZQ_7EPVy2NbdnOLD0jjkrbJLGzYdfKSfz2b9TUkAFEnhb6wJquVb4KimUrDyPDRIcfDZiZLV9dYGVkIY68lUvCWHTeBL0If0608yj3wULS5KhOQ9NmJvF9KUiZsXj8rwhhdT_Q4srZmLz_JEXeGIEOZn5uVTA4lA8aob3h38FlvwryMZ5HUvscB7ApZAEJrZenWsx3Xqhf77Q Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT X-Proxy-Origin 82.102.18.235; 82.102.18.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.240:80 AN-X-Request-Uuid 78e00a96-abc9-4e5b-a51c-6ae785f63d5c Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D7F7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1	43 B 894 B	83ms 54ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjI7-SmATAB&v=APEucNVL5wJLW4GyFROvCeeE9HWdElmHwTxavkemMmdKA_s3nFa6_fHme5RYbbT6Cyr3uM52YBcXz-Gj4cI8uEPbQEcj8Qyhcoi-S2AK0vizWr2O-1Hk9OLxYBueBIeK22hbjsmSLKcX5AEhvQpu9hxZiyD732rGw_XA2WNBNSJkZ7NVMyukeeuO529uWCepvz75-10bgWAXKRvDql530ECm8VAlDWMZwObbWsmvQzi89q0-Khp0E0w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 20:57:18 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame D7F7 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKgerQoXRWbAfy0KPqlXcgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1	43 B 894 B	45ms 44ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjI7-SmATAB&v=APEucNVL5wJLW4GyFROvCeeE9HWdElmHwTxavkemMmdKA_s3nFa6_fHme5RYbbT6Cyr3uM52YBcXz-Gj4cI8uEPbQEcj8Qyhcoi-S2AK0vizWr2O-1Hk9OLxYBueBIeK22hbjsmSLKcX5AEhvQpu9hxZiyD732rGw_XA2WNBNSJkZ7NVMyukeeuO529uWCepvz75-10bgWAXKRvDql530ECm8VAlDWMZwObbWsmvQzi89q0-Khp0E0w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 21 May 2021 20:57:18 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMTrhp4hHUkBOk_p9ONv0e4&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame D7F7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1	43 B 1023 B	36ms 35ms	Image image/gif	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjI7-SmATAB&v=APEucNVL5wJLW4GyFROvCeeE9HWdElmHwTxavkemMmdKA_s3nFa6_fHme5RYbbT6Cyr3uM52YBcXz-Gj4cI8uEPbQEcj8Qyhcoi-S2AK0vizWr2O-1Hk9OLxYBueBIeK22hbjsmSLKcX5AEhvQpu9hxZiyD732rGw_XA2WNBNSJkZ7NVMyukeeuO529uWCepvz75-10bgWAXKRvDql530ECm8VAlDWMZwObbWsmvQzi89q0-Khp0E0w Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT X-Proxy-Origin 82.102.18.235; 82.102.18.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.154:80 AN-X-Request-Uuid d7f4cb51-9014-402d-befc-784b4b3602c0 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESENP5u-PIzo544cOR0thd9fE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame D7F7 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D	170 B 188 B	39ms 39ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjI7-SmATAB&v=APEucNVL5wJLW4GyFROvCeeE9HWdElmHwTxavkemMmdKA_s3nFa6_fHme5RYbbT6Cyr3uM52YBcXz-Gj4cI8uEPbQEcj8Qyhcoi-S2AK0vizWr2O-1Hk9OLxYBueBIeK22hbjsmSLKcX5AEhvQpu9hxZiyD732rGw_XA2WNBNSJkZ7NVMyukeeuO529uWCepvz75-10bgWAXKRvDql530ECm8VAlDWMZwObbWsmvQzi89q0-Khp0E0w Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 May 2021 20:57:18 GMT X-Proxy-Origin 82.102.18.235; 82.102.18.235; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.201:80 AN-X-Request-Uuid e01b4050-462c-41a6-a09c-423a04d18840 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjY3OTM2MDgxMjQ4MjE4MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	ic5.php Show response data00.adlooxtracking.com/ads/ Frame B74B	222 B 214 B	33ms 32ms	XHR text/plain	35.241.31.249 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data00.adlooxtracking.com/ads/ic5.php?adloox_io=1&seq=0&campagne=434&banniere=0&plat=2&adloox_transaction_id=null&bp=&visite_id=21315172308&client=seloger&ctitle=&os=&navigateur=&appname=Netscape&timezone=-120&fai=frame%20without%20title&data=-813568601ttttttttffffffttttftffffffffttttf&js=tfav_adl_434.js&commitid=8a9b23a&fw=1&version=1&iframe=1&hadnxs=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&url_referrer=https%3A%2F%2Ftrovas.ch%2F&resolution=1600x1200&nb_cpu=12&nav_lang=en-US&date_regen=2021-04-26%2009%3A33%3A03&debug=6%3A%20top%20%21%3D%20window%20-%3E%20document.referrer%20https%3A%2F%2F496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ao=https%3A%2F%2Ftrovas.ch&fake=000000&popup_history=9&popup_visible=true&type_crea=2&tagid=764&popup_menubar=true&popup_locationbar=true&popup_personalbar=true&popup_scrollbars=true&popup_statusbar=true&popup_toolbar=true&id11=display&id1=1&id2=50837920&id3=355901233&id4=20288062&id5=https%3A%2F%2Ftrovas.ch%2F&id6=https%3A%2F%2Ftrovas.ch%2F&id7=ABAjH0jBqa1pDQ7pZ47nbeL0NGS8&id20=8a9b23a Requested by Host: j.adlooxtracking.com URL: https://j.adlooxtracking.com/ads/js/tfav_adl_434.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 249.31.241.35.bc.googleusercontent.com Software nginx/1.19.8 / PHP/7.4.19 Resource Hash 98ec1ea70fb729bb32e63a751970da54e442307a32819386baf97ddf2b481634 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:18 GMT content-encoding gzip access-control-allow-origin https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com x-powered-by PHP/7.4.19 route ads-prod-68c5cc8796-7dhzb alt-svc clear pragma no-cache server nginx/1.19.8 vary Accept-Encoding accept-ch-lifetime 86400 content-type text/plain; charset=utf-8 via 1.1 google cache-control no-cache, no-store, must-revalidate accept-ch UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile timing-allow-origin * expires 0
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 2D48	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7651 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 7955	111 KB 38 KB	21ms 6ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:48:05 GMT content-encoding gzip x-content-type-options nosniff age 29353 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 12:48:05 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 7955	8 KB 3 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25723610.302443771;gdpr=;gdpr_consent=;sz=300x250;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C9RR2rR6oYI_LDqilx_APoue-wA7GwuzLYo_1nPP1DdrZHhABIPT5xiVg-4GAgIgKoAHi3dvLAsgBCakC5IA086hwtD6oAwGqBLkBT9Bjo9SlBdjSLUJgdvtZaoep7Eh7k1r6xt3iZlZfT3BWVsFQfXn0KeuQRqXdo5RJ4gUxApQOVhVHPHrks7pcka_SJw3ToLKRYGVWHj4Gv-HKFaVEExY2LHAUqr66uWI8m3T-Inj9su3ke4jpIERuZaGN9THGndc5NGJdIb8JNnt5l-Su7pyDY81SJ5HKJTOODwGO2WSDVxu9FLBjok60y9zG4FOiq5vdDjAljz73MxDCNtXGSwQZOEjABJ76v-2lA-AEA5AGAaAGTYAHhqKktAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTIxNzY5Mjg3NzA5NzMzODGACgOYCwHICwGADAGwE4TtwwvQEwDYEwPYFAHQFQGAFwE&ae=1&num=1&cid=CAASPeRo063Bfdl-MsuuAfItsxX6UOaeWcax35XtAU1wf57gLQQ8khRgPYcByJ4YvzUZSOUp1i2qOb-QUIl2qWs&sig=AOD64_2LfHCdi_deS5TXN6FNvwlGRQsm5Q&client=ca-pub-6396844742497208&dbm_c=AKAmf-DUW-71S9ru-qNIlEtfQ1PmzuPnWgQ5gq2DwUp0aBha1ipHQl4MO045rKOciDXSU8hI79MjdpBaHjEla9Mle1oxuGdQ5R7sk0F6nhUlIUYW-YC76FGMgb22ckfhZpSSZBew0N4jGoSBy7vTwrTAxkSo8auCoQ&dbm_d=AKAmf-B4WZ6JZWdHAlbCafgHEGOD_Ku9XT6u2JAAk3SJHakazo_A5D9IsomMbgcyFsfW0kTzZb-fxCGSUFtvUataNuqU1Iki53mOs1ELBuactBLcdsWRVcRdXbjG4fiVbD6gLaZpcbl8LKofRddkOJo1qxhucgTCfN740qlCzTdV1Ei1t5EB2BvvobhAvqskFBiY5OLXQHbljzuCBV1bqa_9aFyN7M-qFGPxCF3dtRqO9XmJ_uYDAEcM5gO7H5A6vPfg2r6lfOiY5R_A0rFfQLpTNQ-ST731-KkF8saXROA--090fUCGbvJ-LAA_9vfK4VY73WB9Ys8njpJyBU7p-khNOAhIEcl5gwFtKyR8QP6jJtYiHq25YO1i55-qd8hanjNOvR4D1ejgtKqJXXKDmVD7yAbqVMc2PlBwQQEdVYmzb1mmQsLrHqx9nR9XQDHtGXCbz-uZnJDP&adurl=;ord=1621630637238991;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=? Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:54:13 GMT content-encoding gzip x-content-type-options nosniff age 185 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:54:13 GMT
GET DATA	200 OK	truncated / Frame 7955	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 733f6acb8224378e1675b23deb3a39b90307b7dcb0e1cbc9640df5e1cf5df85d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 76B5	22 KB 8 KB	14ms 12ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7651 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	5 KB 2 KB	23ms 7ms	Document text/html	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b991ed3ebb0db4519d92819e4f5f342dcfd888ace162ae768b05c5288713a864 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 1513 date Fri, 21 May 2021 13:19:48 GMT expires Sat, 22 May 2021 13:19:48 GMT last-modified Sun, 31 Jan 2021 23:17:18 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 27450 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 7955	0 23 B	64ms 64ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwRkws3WWlJm0Cilh38hsByq4exrTj6kSNHAFAZDklCGRzy0Wik6E38XX4tKqVa4nQBHZjHrjm1S9tH5yRqgaoI-b4kWGvkbixXnV9Mv8QiqZC-GngHqWJQ2L6WNG6v7G_E0dqN8S0CgqG8j-7Ny75yTYLFOhtY-pjwkvODHcE-zFIGwQe7EVt9kH_NV8mcRretCzP-XFeMYOVkTSm&sig=Cg0ArKJSzFBAMfIC61HfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=86&cbvp=1&cstd=83&cisv=r20210517.82358&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Show response pagead2.googlesyndication.com/bg/ Frame 767A	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:31:35 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 30343 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5770 x-xss-protection 0 expires Sat, 21 May 2022 12:31:35 GMT
GET H3-29	200	zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response pagead2.googlesyndication.com/bg/ Frame 2D48	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:32:37 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 30281 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5790 x-xss-protection 0 expires Sat, 21 May 2022 12:32:37 GMT
GET H3-29	200	NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Show response pagead2.googlesyndication.com/bg/ Frame 76B5	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:31:35 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 30343 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5770 x-xss-protection 0 expires Sat, 21 May 2022 12:31:35 GMT
GET H3-29	200	style.css s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	1 KB 535 B	7ms 6ms	Stylesheet text/css	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84c65cf6dccd23cbcc0603f73e434c41a4086431756078e8bd2c7a1ff182066f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT content-encoding gzip x-content-type-options nosniff age 27450 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 511 x-xss-protection 0 last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	main.js Show response s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	2 KB 630 B	8ms 7ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 37d971369b157cc4d0dc92e9f1cd3d7f1ca991c3722593e3031a2aaaf6a5925a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT content-encoding gzip x-content-type-options nosniff age 27450 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 606 x-xss-protection 0 last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame C908	110 KB 37 KB	17ms 15ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:18 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37930 x-xss-protection 0 last-modified Tue, 20 Jun 2017 21:14:35 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 21 May 2021 20:57:18 GMT
GET H3-29	200	back3.jpg s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	32 KB 32 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/back3.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04d48b95f4f5f750450039ff5fd5c57184e2cb124e9c12151eaae7cbc0bd5484 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32771 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text3.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	858 B 880 B	6ms 6ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text3.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 739d2fd1b9a04bcd81d39440eb5198a08bbf3e803a3073aa407162baee5ca722 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:18 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 858 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text3a.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	629 B 651 B	10ms 7ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text3a.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7bc25531b8cc8c343dafe971d37212969df1c453a4dbe393149d93b1beebd1e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 629 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text3b.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	624 B 646 B	18ms 15ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text3b.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84f285172be3d41a4cc9b8bfcee3a1f8426ad11d04df0bee1e4a95ead399ab03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 624 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text3c.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	815 B 837 B	17ms 14ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text3c.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b7bc64fa17726261970893d6a380df88fbb4dddf18573f5d25be51b9779c4984 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 815 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	ml.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	404 B 426 B	10ms 8ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ml.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb66078ae708305d3cce1fddabe0874cd3bee93e0b5efab7afce71c626910aa0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 404 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text4.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	1 KB 1 KB	23ms 21ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text4.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498e1816875171bad3e7bee172b561231eb2f8aa004e9b872fd5b651f5f84062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1050 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	cta.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	5 KB 5 KB	19ms 17ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa5952c7e8777c80f33024706e3d13cb31c07077bbd3c882eeedbfc026a0c070 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5416 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	nissan_black.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	1 KB 1 KB	19ms 17ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/nissan_black.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 39e4c6e25be371a3026dc5ea8ae0e23e953d6916518811fcc5c1a1769767ab16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1420 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	back2.jpg s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	33 KB 33 KB	18ms 16ms	Image image/jpeg	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/back2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 91b4244ebe9f1ca90ed84b8b5c9fe2f340e35d55df94c668b89f824d57e9010c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33890 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text2.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	1 KB 1 KB	19ms 17ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text2.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4139b3e7ead7268f5e730fb9b32300273ce262da28ed4bdff16508d8d6d7314 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1354 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text2b.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	3 KB 3 KB	18ms 16ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text2b.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd8cc56d4953209cb0bd10a1198b3726b03857abfe648c987b6dbd4e0f63513a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2791 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	back1.jpg s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	34 KB 34 KB	23ms 21ms	Image image/jpeg	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/back1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a25f4e403cd3009578cf6ca056afac33ed6aae8f47d1ab575756804b52be203a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35261 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	text1.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	1 KB 1 KB	17ms 15ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/text1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f9d9f49fc378d4322355f7fdf35e213afc7f835ab2542b772a4e25802a5ac5cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1337 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	200	logo.png s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/ Frame C908	5 KB 5 KB	23ms 21ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fd5a91913a74d6a43b060f616dd109816717a7cfafa30f62e08890e3986758a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1612135038950/JUKE_CONFIGUREZ_300x250_02/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:19:48 GMT x-content-type-options nosniff last-modified Sun, 31 Jan 2021 23:17:19 GMT server sffe age 27450 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4973 x-xss-protection 0 expires Sat, 22 May 2021 13:19:48 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6359	0 20 B	42ms 40ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsmuTrR6oYLnKKM-mx_AP2NqP-AcAAAAAOAHgBAI&bg=!i4iliMzNAAZ7hX_Ue4U7ACkAdvg8WvSc-gME-vnp84w08wi2e55dFsxP3PAbLntXg-G-eaMuuxu6HgIAAAHOUgAAAEBoAQeZAogreOy_5dj-Ewogw8GuHx2vbwg5CZSL7B0I0e5qlBLCKSsIZ13GMNhmOTCRmc-Gb0k89Jj326P6X8UZCsDx0XdilQUn_EWv1MIfkaAfce8hbq7spzc5LH58VRTF0BEMe5VeYJGPUhDzfOd1JWE1HMPSYIRmOU2EhDCB-fxxntnyn7HurEMgkGMPIvk-hZOf5zbxu336QzJTUe79ydtFaP-Uh2Pi1gm-fxvbtgMP7CESub8FttXBEc6imulvUlZBi8xWADKACK9AbuTLNj3_FxUP-qdtZfCKBRpHec4NAfEYAWhG76hxKL-zz-lTRS9q9wosLtA_SmGunI3v5M5kEa2_3919pFu3N6wiylLfwrnnzPO7PKBxevnlV_S0mvMugn3fgkUBhgFUsBoMPaSSGfgED6vPUSzk_5e7THYYXNPtHuFR2kZSL3MG89QJDTfgADBez2t8j65y31nXgXHzeUF0SooMuK2thFSjrwiEtbewqszfZVh5JZpeF2O4wisg0eE_I1Aq2jUFeLI-NkXS00UsRR9kpcStqa-0k2ojusz6A4IRHCVOa2BWlXVJU78ZXZ5VEo9DvurLuynvW92DpQ42Pzv2dLTkx19a-CXnlO4BwVZC9reEFbc-YYPCR22wWuXlnAVpcZI1JJwOQtjXXMV38hMluhGgUyTfqu1-G0vaq-4Rx6WZDAYXY-beXhXi-t01WSQsDXM_tiH5sam0GuN2Y6yEGU4a0iabmOM8z5Np-yt8NoflfVAU22QFH3kuivxah9t2zycNvpMPkZJdT_6aJb-vBw1ofgmitLWeoMRfZgaLRHUsCM2FxSk_epjfxQ-w7RmWXgNFvDQLQrzHispCifssEYJ7Ep8 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 7955	0 23 B	64ms 64ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvwRkws3WWlJm0Cilh38hsByq4exrTj6kSNHAFAZDklCGRzy0Wik6E38XX4tKqVa4nQBHZjHrjm1S9tH5yRqgaoI-b4kWGvkbixXnV9Mv8QiqZC-GngHqWJQ2L6WNG6v7G_E0dqN8S0CgqG8j-7Ny75yTYLFOhtY-pjwkvODHcE-zFIGwQe7EVt9kH_NV8mcRretCzP-XFeMYOVkTSm&sig=Cg0ArKJSzFBAMfIC61HfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=303&vt=11&dtpt=217&dett=3&cstd=83&cisv=r20210517.82358&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 767A	0 20 B	41ms 40ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5unLrR6oYMC8DtKbgQfZmaSYAQAAAAA4AeAEAg&bg=!2Nul25_NAAZ7hX_Ue4U7ACkAdvg8Wnnga6mmTmRR1a7JymyOQjiRSgPqCSsXvY1eAUja8EKv76_njgIAAAEHUgAAACJoAQeZApEDOSuhq_caveK8BEtC2mM3zUKRttOD6RKkl-mSGDK_6aw2E-JWv4c4twT6oeQ2ag4Sjw3ilGbJdKs0TYFSA9F4pI1W-Dptbx9pxlA-VdpJ5LJySjHsaxIC52VLGA-vmuToRtquQxjbIfctO0GHTlc3ZFkfz5DyKjA7EFH_de2nWOCNRUAFCad-GPUPpNvjPlFyhZN26qcOnTxBGlBz1X74yKfdzBXCwBWU4rd-Tq-pLKidc-IQKT226h5BB2QEdoiwrFEeDbNfi-6pa2H787J8tCyp46WJl0E0J4IWS93ojNaNrQpJw_gH0V_PbKlIpxiFN3LLdbeBfb8QxX-spkMRyYZAu1MCvRFznI_uiBc9RbG-upz3tQhJ_-MDp_diUD0jx2qnSJaUjq6FAhWpRaVkAm1YwEMx1BUooUViiakMD__L_gxMFTLmED8Ob1fI_eXVxuLrL-IdNYgJcg7ta0hQ6JCc2oG_n-sbY9BIXsZWT0PRRkzQUTrsKhMFP4EyAGeGJLeRZpDWXIrCVpkMU1DkuU0gfkoB-xNNX4N4dwfweY3RlezDDxtpDdRFms_RPE5EwyCyLOPccInJTpjdjN01sauJZ6ju-UCB53vesAXjfCnz4cQ6O_J55ESoiybfulUSygqzix2-zY1bYp9nJjGnGrt7DnmkgZRAoa-KG08uLMHGu-7K8Wef-Dg_-cJB2I-Z57xqbyq5oZGVMYm7aW5cBUEVG3sTO5wAvvTgarl007GhoWIkjJVM6nnHOmGPfEemLzCHhh0hQp618MRnQOSZkqumsGRd2-k1g55l9e3mwSS408_y8Hb3-625JJEYAAHtOLreZCNC1uAvpdVoXcnGXRqngH9GWFQPHsEteO7o-XU Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2D48	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXjlHrR6oYLeENYTc7_UP4eqDcAAAAAA4AeAEAg&bg=!-Pul-7_NAAZ7hX_Ue4U7ACkAdvg8WgRIp8tUf8kf2mpUQyK7XS0FPqoz_I0x8DYBfY3iHB7mBZwTGgIAAAD0UgAAACNoAQeZAqMFyGaGG9EDOjRB2jgIdolm_n11IF_CXhFVcPDKpaw9mPvMf80JrnmPeFMtuGb4NHveBflxclbs2XCNkLFGPRlg-BNYOceFzQtar0J_Vx579LlOFw5XbnL6OSKgyE-MRt6sNJ_NgIjcEpBnIBht70ilmqwGwWsu51Z6eF6WbGLhMTas83lTu0C_H1p2tIlHthMDiZevyaX5fl8UluwjyGcGF4caJ_F2ObI7RTBxkm_-zD2IzNPzCQC3Z0s70pBdT5earg2QeBgvPr6gwVDq0Z_06fiphiI_D_53WcuBTh5km22qgLfnpO-fhpkbzyKmK8Wf7PiMt5R_YF4n7F1POvhapqhCaaW7z5gh87YeAVd70d7ME9SBHUGTtO56hlolSqvhlu9CsL1kEyzIjS0TuaNvfDHX-S1ZmQPtd5SCZ1Xoeh-oTM_VlmLgTx6-U_YqFiUEeqMd_CSrMscdTdErz3q2SHk6zUrJgQrizMjvWMOEuslzTOxaBt5tN743VMXMQvxbhaVLMaLYJwkXL_a40PhvxxuzaMDekYZHqjIilHNUOBN1e7jIpIFVU7S0FwlVBChKl3ify43hrkXcMdxWFiHALjrVGpzPGif1ppR3TOVg8KlldMdevsKpsoyr2wHO9ZyV6OOBf7A3rWzypY2uQ9lIjQYT8O7Owmb7wzNT_NIzcgoC8ahDekhl--dXQhPRLdlQIxVkqV6-gDKCGutg7XVV7Y2IhpgFWzmXCX0oFX8SaDSkiVrqtxX701plhyr_fcfwfnzhT31HDI-C0UO56Imcupi_POL23dEDk4_ruYm2eU7Bu08FOHbchDuYO40l3HGMCRiJVHaJfF5mTEFSfVaRRK1Bwcv-t85Ftfs-yuM7ru5BOybqGCO89W_OeKWi-vQOVus Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 76B5	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrBWYrR6oYIG4OZOM7_UPp42UsAkAAAAAOAHgBAI&bg=!vL-lv_vNAAZ7hX_Ue4U7ACkAdvg8WonW5BxziHMJxJEuePwLEi-jUSE8aQVYss6ivqRyqhgLJnG30QIAAADpUgAAABBoAQcKAOePIXvpPtw5Z8YdkB1UjuDn_e-t1TeKqXSANScwrMIfnjde-iJtk1Zx7Ce59-SC6GtcE-DVSPfjivgilhk3VxCuej1fCpPvvcZLVAqKIN8ejtnfLRzHfDGesUmaoVo6rNkfJDOcRpDkoy5EIwiIo5AIO36GMNAvvz4hNJZDRPQKVIAE-ByKY6JVctnkGZqFzo1wPnJRuHwkyoeIWcuExyphQAi5UEze44DJzEj79K5yKdzMF0pOBJIMIQz0RU7lB_J-ILYkM3uHSaR2hTxvwEmbcB6k3dvmeMOymNo0GamV7AWEFpbDmkiZAomnjYCvICbgKRsvv-gPPBUEMnDwcG8Fh3jZVPtIDR8FPGZIiCCnqTeSjAoqG0rbDBZ9Id_hAh1triZJham9W6gjCtKghQ4CBbldM14-UHI87IASRnXKhglHo-Mbc6w-gUJIMlRz_2HMQ_ysHarpZaaV0ep6_6qNE1nW33rZXOrOeOm85kbAx8vooJn_EvQW_Zlc3DeFVc3lSHrK5QMffXKwjGIZ-8qNVp-Rr5q16BtK0_-7IbbVkc7pbPEE0D2q1TPK2sRWWTWM6w9FsGzUgjWo9ZQy1GRFi4FtGh-5wjR2ZWuI2nwcayVjpDc_xKeb6BA0vu08Qx5uiZz14Fle0ePUTj_80JH46XcFtpgQSq_1gLvUjxFf6NVxnIUx7aadnqzwWc41LDqQek962IfFNrVikVUu_UsXJ0WpU87QnnVv1L7VPUDW76dwKv8cfpyDSVazZ084Ncsn6y_DNh4KmksGcI648lBqmtb5tSBg5b7oANxf_3xurjCkpKPSNcVz7_2XLfxC-pUGfm2iWDCPzZyNMkBaKFTvkJY8f6uoobV-i7ONIwo3RAR2mTnyQayMpUjlK9l4GyXO2XSfV8Gr_QeA2_urGwFsrLzUdT8W-cwBSsDL3h-A73Q1e643yRGBesSXkkUS-d9Al5Iy3rOu0Ig8YGK1f26xLOAnHj17b0iOhHanmV5WkoNfqH3AlCl2jPtahpSz8t0ZVD7W357BO4XPt36VdQIduvzi6cbB2qongufzGVJ5stvO01LKPl7PnBtvIKLvfxs7pxj_QXHyodXDjXAV6ZLGaKbjYV8qzYlLJ64Ug8Pm-MIgh4FgL6Kj8ePZxBegoSWaP9gj-Ilu5YfeuvyA6LxFJ5fo Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	integrator.js Show response adservice.google.fr/adsid/	107 B 122 B	31ms 16ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.fr/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	30ms 16ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	16 KB 10 KB	502ms 501ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783143210997630&correlator=4160777131553838&output=ldjh&impl=fifs&eid=31060853%2C31060925&vrg=2021051801&ptt=17&sc=1&sfv=1-0-38&ecs=20210521&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid14%3D1330127%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-1330127%26eb_br%3D1e913e99b80640fd5b86a539e5b97c94%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D22%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C131%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C19%2C873%2C18%2C19%2C873%26lb%3D60%26reqt%3D1621630637767&eri=1&cookie=ID%3D4bd58e3fa3d01f28-22626dbc1ac80053%3AT%3D1621630637%3AS%3DALNI_ManHc__htHQd_e6P7VPT496YnuElw&bc=31&abxe=1&lmt=1621630638&dt=1621630638773&dlt=1621630633307&idt=344&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1461951090.1621630634&ga_sid=1621630634&ga_hid=2007784825&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 3267b9064f6f4ac7c9763b1da0703e6efec86ab055f06436d15cdd1a67faf61a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9836 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	31ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:18 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:18 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	31ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:18 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:18 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1E69	42 B 64 B	49ms 48ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstp34C6hYjsarE6xC3H5-2n3Y3zgkMQt_l4Kr3oPVwdS90yKvPLno_wpOj9KdnNLu_VhmnRJ6tE17n_AVmjFn-sHckVjRMqYXa7bmJokEoa303XyEOAfzHFjYm_Mg&sai=AMfl-YQi3_-1FScat8yH7ydK0ubxKOKmYLrHu_mqyAzWECAsXH1_6Nzu1WVwQafuGq6zYTlw6b8E2Wk1jKMPb3DyFtxb9Hw--Zz-7kExouD_Vt55LslwLqPN7SeI8HmCPYA&sig=Cg0ArKJSzOFQ0aGf7MbREAE&cid=CAASPeRoPtRRPXUR6PV6XE77cI4MhXxVshQBvkeOQ_sapok2AnPIu-I5A11RLxVrKMpcS0hErdtjo6H1_h2Ypu8&id=lidar2&mcvt=1000&p=171,974,421,1274&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3122676338&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621630637633&dlt=11&rpt=253&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	29ms 29ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:19 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	31ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:19 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B74B	42 B 64 B	41ms 41ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJxWjBilubMeGug5lqkU4-cSK_nl71tTaES6nR9-sYoDLcRsT2dRo4MWaS6EQYS-oHobyS4_L5xj8CESMg4oPsKL9cP18BRNp82EkQptaRMW0hFuC3F3A6bD1w0g&sai=AMfl-YQq7ZGfaeVkJVTzgGy8If8ELdnC8NHpNSNkOhokUFK8gkbQ1UHHYW1puexinSfaTe-t8e0mk-Hm1l8s446VUvnk17kWtqWsd19jDnRCHW9RIX7kosAh6DMSLJMqI8DP&sig=Cg0ArKJSzJy36fcULX2wEAE&cid=CAASFeRoQ4Xf8WJQbYXPmyWi1zPZS9iFlw&id=lidar2&mcvt=1000&p=171,650,425,950&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3122676339&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621630637755&dlt=31&rpt=1&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7955	42 B 64 B	41ms 41ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSClnPHxY7wwxkdVncrta16Q2pmQ1O-bUUdIBUxjxJ7PTLAn2oUGRXsjWQWpZMqcg5UztKBjM-lPqvicKaKM0cLLbZlDBNp6CxV_VWUzB18JZ-IOJ-isj5wBimZg&sai=AMfl-YTUAGiI5n29D3t5R9Se0UIWJDmnm3kUfsqxrtdzlbvzMLBBGWwn_EEj3SFI8XyNtD_S9kqsuAB62jG3aAoIm2RgHu514qZdcRQft-MkoSKY2mbV8z7Vk-6N7ReIbDo&sig=Cg0ArKJSzHCnhtV3Jqs6EAE&cid=CAASPeRo063Bfdl-MsuuAfItsxX6UOaeWcax35XtAU1wf57gLQQ8khRgPYcByJ4YvzUZSOUp1i2qOb-QUIl2qWs&id=lidar2&mcvt=1001&p=171,327,421,627&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=840336167&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621630637761&dlt=20&rpt=1&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	30ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:18 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	30ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28-22626dbc1ac80053:T=1621630637:S=ALNI_ManHc__htHQd_e6P7VPT496YnuElw; ezouspvv=138; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:19 UTC
GET H3-29	200	container.html Show response 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B47D	6 KB 3 KB	7ms 6ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 21 May 2021 20:57:14 GMT expires Sat, 21 May 2022 20:57:14 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 5 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	32ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzMwMTI3IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMWU5MTNlOTliODA2NDBmZDViODZhNTM5ZTViOTdjOTQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDYsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzMwMTI3IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1MDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzMwMTI3IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMWU5MTNlOTliODA2NDBmZDViODZhNTM5ZTViOTdjOTQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDYsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzMwMTI3IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1MDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:19 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 40 B	32ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 May 2021 20:57:19 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	48ms 46ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjEifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:19 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	35ms 33ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzMDYzOSwiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTIwLCJiaWRfZmxvb3JfcHJldiI6NjAsImJpZF9mbG9vcl9maWxsZWQiOjIyLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1MjQsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYXVjdGlvbl9lcG9jaCI6MTYyMTYzMDYzOSwiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTIwLCJiaWRfZmxvb3JfcHJldiI6NjAsImJpZF9mbG9vcl9maWxsZWQiOjIyLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1MjQsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:17 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	33ms 32ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzE1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNzEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjYzOSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTcxIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI5NjIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzE1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNzEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMzA5NzA5IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NDcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjYzOSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTcxIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkZSIiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTQ3LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI5NjIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjExMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:20 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7955	42 B 64 B	39ms 39ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7ufFQfTHuN-jk15vkPEcX6UMhKLkg5evBnolN1QFI3n0n-9R1siZ1L0ikV2i99KKkXwVxHjFb3gbSr7TMhAYPXA&sig=Cg0ArKJSzGsOERQMdbBVEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame BD8F	640 B 316 B	18ms 18ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV7OWmATAB&v=APEucNUM9qsm-PhlKnws4fMRfFlpLr-IJrMPPtlbWAWTiv-07y9Y_xhG-HokL335_CamHwY9Tu6TUQ_xVnY3_8hHO7GkptpXSUnIz2Ir8kjIGczYAgV1SJoXIODQmPUhix0Tji7QDEK8C-Bx_HspoxcivTONzpTandQNujx9LVAFUVqhIzxEiykEu-JLSg4YKYBo6Sly5BOe9MiLoWNgBRT2CnpUejdTzCPYPecswnm7SVyzDXCj_u8 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNyuyAIQpovKAhiV7OWmATAB&v=APEucNUM9qsm-PhlKnws4fMRfFlpLr-IJrMPPtlbWAWTiv-07y9Y_xhG-HokL335_CamHwY9Tu6TUQ_xVnY3_8hHO7GkptpXSUnIz2Ir8kjIGczYAgV1SJoXIODQmPUhix0Tji7QDEK8C-Bx_HspoxcivTONzpTandQNujx9LVAFUVqhIzxEiykEu-JLSg4YKYBo6Sly5BOe9MiLoWNgBRT2CnpUejdTzCPYPecswnm7SVyzDXCj_u8 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUnMZHnnyiBHBb7C-F5TihmRmDPho5KNgKaHmbuBsS2_MdocAoRPqWtZHwelBeY Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 21 May 2021 20:57:19 GMT server cafe cache-control private content-length 295 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame B47D	23 KB 12 KB	50ms 49ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsWVi8cIBErvQa6Nzn15eHAZXdG0BBgxbW76zW4Dpq7zTCcan3Otu8rPv8AJzccT-IBzljIgA7YWpY4WohXluaPHSoDqH4wzDKbboiC-S-IW4QZ2S3mJKp8Y99cnBaVqBU0G4K203Qsfz6XmXOcPpD_kTAVA&dbm_d=AKAmf-CSNA7vQwwdh48WV5a8sz0ajj0A_uRsXYCbZeHG9Swi5aYdhz2TKVgHAoUuthQgI3iOqysZY5ZOLfHwwJP7R3WTqW63VWzyMDrXlFWQTGnsnF7591JhyQ43z8t8LBDW0PW83oo2inHiXByhKYly6_bfo3F0_SkR1_7mOctJm5IrE9huaFYWVw2agH7kfh2C9JeUd2dujdKblpt3Jvgtx0f0I9bVyhQKg7N7V5V2vqITiyFkDIbsXAVG6ghZJeoWLHkucY5qm1swC8db3-9RaAhuBygG3oqCfWTKlQzECJRT-4YRyO5bIWS6tzpwk0EOUkQ5IY763bAdxAO0O3ZI7rbM1om2vdz2vofkatXf1yX2DtgDogmDib0plriyjUrmxLWB0t9epoNceegBIeWuz_Xuf7qbfiVeScdNH4lNVL_dDU--tLgIk7PPZpbJe49tA6F5xHhmumAHLV-FV0bbtcog_hKFcOn8ppH4iWZ3g5HEzJ2nu01eaURRVWnpENDLF6x-bbgJnfFqXeS1mzLJ7evZcQ948Zh7RC8naCiZR4D54OAU7wDasJS6qCZOu9Xd4813evitQX3521EZ93AnF0cXc8MxneDUyA6VuSrC-AHp10BG5t9q3HnEIT5DYVcD2Ou0DAY0G59PBz7mTCrB2X_kPimOQI_z6Vq1grZ9Nn_yCQkx0sw-lm4A7niSmw3oX1GYc4bFol6rwXsnzs9cLanIB4aXsseaB4Hx-6l-VmdhkFgC4HnNW9edJHcbXs6jMNPUa-BeY7C2T_cqd-ddk26WdvcT5fO0zAjU0uI7FnyCWT1VLnFqmmJ_JcTJT1v3h00nQIclsepi9tUHas9vfR-NY_zrso6havUrDQgJfpN6NY9mTXfn6Wuy5dDh_CIsP1hO0ngpvk_tZRgrK5sZGTxg9-4eappkL-SycDn-KuRjFYlEzo5ks11YD17SzSv1plnfhGUZ83qf_TmI-97Ncuojqdr0t7wqAMKLJT9rn-KVWixTVaF5WRxd3_XBulsFhpB4fkiyommmq_L1ilwJILtabRKWSxHdji6bnVeSA7hHh9iKdgAP7AsPu2TlD0yBtfQi5-l3R7rjRV9HM3WoEDIPrVACnBxpYUOxEbc3zU5Nqzv6VMA5gvlqMpPa8X6RmZPE1wfgHlcJa9skUhUmdTm5xvXp4VSn3HhUl4oU94vrCA1r9yY2UB477n5Qmv8QoeNEueCxNAHnymp1YYRLPeeusaRozr179a3g4rErPgnfB5VgkIqnE8sZX3m5yS4704rAZCSYF33bKVBva3oozHShiOwuLPFt5xGxSBO6Q1zxFwdhoCc2lyDmmyQKJy_nDqiPRDHvjcmHPyF3paW1a8FF4lI7mpCnGzCsYG_aGkwedcCSeE-mYBNDUIHi-Mp6gEDQUyLDwKDtrVxzd1UJUAwk9CJpZj6Tnassi5Zorr4Ddn-ZbXXv1KE4J48AuFLPT5SCKcy4oV9jQnDqoITAIvarOHskwMa5SuSFEYKx4jVyW3NYiDFrajDBW_XQj6Tw_QLbGGmBFqVTfYySNrgiFw0JIWN1zq2sOYK9W4-4_EX89PDxWfaJKAvAqOZBymYmZpsBwhOBo6hEWD3nXJwJVyKSpSlwutZwf6tqv1nFJKM338aeSs9mEej-jkGl1_UO8wTmZhLDMYW8772JFXVtwieUi3Mm2F8MH3tfnJIWoyfNW215uHVTA9ciWcWqnE84YqFFlkl5evO6sdLvaptLUtNYsVoaeaGLh_Vm5mI3HPJgJEzXOiugI1d_96L0F3OWg7-GbnVVGP6aijJMnPRL5g0JUPIfYs45wuFNRGvPQlmeYLyZSdeXSVsSYDIItGbtssGvT003lh6oeqZvyLBpcIKZ3r5J5aMsVTqeC-VBJpKH-QP1J39xkNYdLb1Km7iMH5Ky39NGJ4c16-1OD0VjqA7FpRtpBYX1hh-mHZS0BJSTl1YWuLVXA0ihuLwTsJjDe728fQ9OtRbYpNysWlLK_hMuqINfBqm75eQwQQAY7kuoHctGHJsjVZBHlqCOGTA-Lsyy8mbqXIjH-VzfOH1HoiuPh0cDLPuhFBrRP2gmR-n8VV_PPggsnQVmob3FoQej74tCTAkhmXkZO2tySA2SZGa0ukxgpQAKSHrDMVb5IicWwB3bhZAsW1WVjo9bjuKyajGf8fZrM-frVB9sK52XOPasK55RZWkTW3t_9zeNtNOn50ssfnZvmlDeE8LNdEhutsvjQLi_UKRmXgKlmXqrZ9f-isCUTQlNyAeUy7EB5RSVtT1LjBunZT0hqB9lr3Eg5duU1M8ymeGgmozEgmKUk3ArE6p0uPUzy_0LbseNrWreMjgYL9DGjX20LbUAI_ANOctmL5hSB6PvK-szOgLYshAtX3BvZZVWfRpJyB_KoIE0uv_Nnsvi3mF8QkqfSJD2mDsR1bdsTODaGIQgz7iRTdRZpgpZyIhhedsPBhKUAuMQhc9kuTUF679Eafd6VuHsGAvG0FIOnqDzW19gX4QB28H-wfpg7Xj3SW2s9RDQSw0ZDBdPcHnzH6HsRUlhwkYaEqsZZHHQKhNTOBUXt8Cj-itOEmG5CIQH1DQiy8sCTgv7mJIorJY7txVvipY3RG-OixLVvZx_jpEjwKnZ75HzL_1I51L2eJn9L5ZlPD_tMHlkxdI_bzTsZTMbX2mZwsK-Rpae7S1ca6bSV_QqiPxXDaHFcLT5tvW0xNMvqulbl34UY0WMDidZ5wAB_o_g2xCb-hwk7PqCQEaulKjhDClNfrw-zmghWPKX-tUCgkVxN-ovMQwEEFIS9zrHT3v0qrFwLswYP5iXSxlUXsLPEbWaMqC46NeebB0Xe6TqJPJkDkrtp5oyQRZqZ4omn0gAiFQV5Fjt41gEoHcdAw_pAi4cVdarQYpSb7hsaMGX79r-MNkJXoM0CPauHcRzVVDyDx2hohNX97GFPxWAIfLnDf_2QfeUjsT0JMAoSRAc8P-j60Cc9SBmA4Ded66XmsJkNFU3np_9qCqOLAREmAnqprgC-Wem5iFq_qIB47Ecdd75k4yTNW19RoY&cid=CAASEuRoqPqUyfs-um0ZBz-WpvN1mw&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3409039af1ad06387cf48b01dcb688d07dfae28e4c3499853a4b754384404865 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12078 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B47D	42 B 63 B	40ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6veoDqSoJ5ZSGTCp4MTjGdO4cOQNdKRTxu8cDQ7cF3wYXODASefd0L3nICkTvU-vZbmhcxEF6aQ9VgA5ZqwtH0KzSi1IOu2n5SboRfXolnDxGqdw Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	clk Show response ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25708979.302401798;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/ Frame B47D	43 KB 19 KB	96ms 58ms	Script text/javascript	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25708979.302401798;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C-miqrh6oYMmtMtWF-gaQ-aygDe-j5stiyaigtbgN2tkeEAEg9PnGJWD7gYCAiAqgAeLd28sCyAEJqQKLQ9jwJ220PqgDAaoEuwFP0FAip9Rh6tp2K-E9Jn2J_3GbViquQBdIz5kOAIcyb7Xyjh633oSC27vnROtay4FcRTtpDbBflGcLpwt2h-Jnczcg-ogF14FxML6LEuUkJE1gOz23ZxxPSPoCvpQO404tIpWlDRwmWjnTNdMFakxVkN-AKOE5FPSNl_bE5x6kXmNSuRZnJClVtXYh_r9tCF0TYkUjwR5RgylBmV1g1CoDCQ6MyMwJ0Xgw0VQzdidAcxmlXypcf_m2jQdawATuo9b7sgLgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0yMTc2OTI4NzcwOTczMzgxgAoDmAsByAsBgAwBsBPS_8wL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRoqPqUyfs-um0ZBz-WpvN1mw&sig=AOD64_3HhCobXcHmvrMUUn0H1DQptGIHMg&client=ca-pub-6396844742497208&dbm_c=AKAmf-CJJsE3IHnjtGBFjsVPo0htOSWq-0_2bdhw40l4rZ3VcJn6Qy3F-H2uusdnIcu4WI5ebfLIGAztmiJPH_CEbMJckFWH0m-3FuXWslhKrf1OAwM_N48FxCtNveZ_iKfngV9kgAxbBbKwlgrEKLhqeC0rKzmX2w&dbm_d=AKAmf-CAtpR3W6lXDUWzRY7I7hUb7-X1EBjKd474O1ej_Sxz3wNYU_gvdLI-t5_t08QE4rn8HqOU0j_0Opwq5Qrx3WfQ3zOGgtNd_gYpOKrW9KTROGEhUE5sHlObYqPC6K56aV2ZLP-YKB9jBLTVn_F4MhlJPxbyfKuvPPug2IjFZfny4wgAf-c9lneOiPgFEQM7veYeT4p26Ptr5TczqQVn1lVLXCS64kJwIO2h_jLgeDQhK0VnKVI5Iw2AtaeNYJQ9YwcyRc2sSjoV6qivIiF8zQ6ASMXe2Bl7gVccjp-z9zF9eSwohCXKfLHAU1rVzqFLCfllFqz39VBw_oyqTNULWOTGPK8lI5sGA-Y9C4JTHCGO1CjHGGuCdvaeNrtfylJef5UDeCA053o4elKhpPv0DnvUpSNv_NO-bTg5Nlu2dckpOch86aG_eUE1f8ElOktkrv9XjSJz&adurl=;ord=1621630638825033;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=? Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f6.1e100.net Software cafe / Resource Hash b7b06e64cee9d180ac1866e476062dd73deabe47503233e22e238cee69e81c44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19033 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame B47D	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:30 GMT content-encoding gzip x-content-type-options nosniff age 229 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:30 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B47D	118 KB 36 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621424119306032" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36804 x-xss-protection 0 expires Fri, 21 May 2021 20:57:19 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame B47D	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:53:38 GMT content-encoding gzip x-content-type-options nosniff age 221 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:53:38 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame B47D	0 0	14ms 14ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYU_t8ed9rjHKdO3dut3ZjLmS95YF-NpNSdi3Zryne3yz7HPt3Y6KKR_ED8mT7CTdcpmsila6OFsVFvGSy1a6eWdoUgw Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	sd us-u.openx.net/w/1.0/ Frame BD8F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFIVni3vVOIkYyOX8-LdcnU&google_cver=1 https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFIVni3vVOIkYyOX8-LdcnU&google_cver=1	43 B 172 B	26ms 26ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFIVni3vVOIkYyOX8-LdcnU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV7OWmATAB&v=APEucNUM9qsm-PhlKnws4fMRfFlpLr-IJrMPPtlbWAWTiv-07y9Y_xhG-HokL335_CamHwY9Tu6TUQ_xVnY3_8hHO7GkptpXSUnIz2Ir8kjIGczYAgV1SJoXIODQmPUhix0Tji7QDEK8C-Bx_HspoxcivTONzpTandQNujx9LVAFUVqhIzxEiykEu-JLSg4YKYBo6Sly5BOe9MiLoWNgBRT2CnpUejdTzCPYPecswnm7SVyzDXCj_u8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.207.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT via 1.1 google server OXGW/16.207.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFIVni3vVOIkYyOX8-LdcnU&google_cver=1 date Fri, 21 May 2021 20:57:19 GMT via 1.1 google server OXGW/16.207.0 alt-svc clear content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame BD8F Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdlYzQ5MjgtMTFjYi0yNDY5LWQzYTctMGQyOTY3ZWQxMjg4	170 B 188 B	39ms 38ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdlYzQ5MjgtMTFjYi0yNDY5LWQzYTctMGQyOTY3ZWQxMjg4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV7OWmATAB&v=APEucNUM9qsm-PhlKnws4fMRfFlpLr-IJrMPPtlbWAWTiv-07y9Y_xhG-HokL335_CamHwY9Tu6TUQ_xVnY3_8hHO7GkptpXSUnIz2Ir8kjIGczYAgV1SJoXIODQmPUhix0Tji7QDEK8C-Bx_HspoxcivTONzpTandQNujx9LVAFUVqhIzxEiykEu-JLSg4YKYBo6Sly5BOe9MiLoWNgBRT2CnpUejdTzCPYPecswnm7SVyzDXCj_u8 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 May 2021 20:57:19 GMT content-encoding gzip server OXGW/16.207.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzdlYzQ5MjgtMTFjYi0yNDY5LWQzYTctMGQyOTY3ZWQxMjg4 content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H2	200	um sync.teads.tv/ Frame BD8F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESEBCVk5zHvB2HXCVGitPQ41o&google_cver=1	23 B 172 B	82ms 61ms	Image image/gif	104.111.242.245 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESEBCVk5zHvB2HXCVGitPQ41o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV7OWmATAB&v=APEucNUM9qsm-PhlKnws4fMRfFlpLr-IJrMPPtlbWAWTiv-07y9Y_xhG-HokL335_CamHwY9Tu6TUQ_xVnY3_8hHO7GkptpXSUnIz2Ir8kjIGczYAgV1SJoXIODQmPUhix0Tji7QDEK8C-Bx_HspoxcivTONzpTandQNujx9LVAFUVqhIzxEiykEu-JLSg4YKYBo6Sly5BOe9MiLoWNgBRT2CnpUejdTzCPYPecswnm7SVyzDXCj_u8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-245.deploy.static.akamaitechnologies.com Software akka-http/10.2.3 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT cache-control max-age=0, no-cache, no-store expires Fri, 21 May 2021 20:57:19 GMT server akka-http/10.2.3 content-length 23 content-type image/gif Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.teads.tv/um?eid=3&uid=CAESEBCVk5zHvB2HXCVGitPQ41o&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame BD8F Redirect Chain https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzA3OTAzMDY5YWQxMGFiOGYwNmFmZmQwYWE2NGI2MjQyOGQxNjdiMg==	170 B 188 B	40ms 40ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzA3OTAzMDY5YWQxMGFiOGYwNmFmZmQwYWE2NGI2MjQyOGQxNjdiMg== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhiV7OWmATAB&v=APEucNUM9qsm-PhlKnws4fMRfFlpLr-IJrMPPtlbWAWTiv-07y9Y_xhG-HokL335_CamHwY9Tu6TUQ_xVnY3_8hHO7GkptpXSUnIz2Ir8kjIGczYAgV1SJoXIODQmPUhix0Tji7QDEK8C-Bx_HspoxcivTONzpTandQNujx9LVAFUVqhIzxEiykEu-JLSg4YKYBo6Sly5BOe9MiLoWNgBRT2CnpUejdTzCPYPecswnm7SVyzDXCj_u8 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server akka-http/10.2.3 content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YzA3OTAzMDY5YWQxMGFiOGYwNmFmZmQwYWE2NGI2MjQyOGQxNjdiMg== cache-control max-age=0, no-cache, no-store content-length 197 expires Fri, 21 May 2021 20:57:19 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame B47D	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsWVi8cIBErvQa6Nzn15eHAZXdG0BBgxbW76zW4Dpq7zTCcan3Otu8rPv8AJzccT-IBzljIgA7YWpY4WohXluaPHSoDqH4wzDKbboiC-S-IW4QZ2S3mJKp8Y99cnBaVqBU0G4K203Qsfz6XmXOcPpD_kTAVA&dbm_d=AKAmf-CSNA7vQwwdh48WV5a8sz0ajj0A_uRsXYCbZeHG9Swi5aYdhz2TKVgHAoUuthQgI3iOqysZY5ZOLfHwwJP7R3WTqW63VWzyMDrXlFWQTGnsnF7591JhyQ43z8t8LBDW0PW83oo2inHiXByhKYly6_bfo3F0_SkR1_7mOctJm5IrE9huaFYWVw2agH7kfh2C9JeUd2dujdKblpt3Jvgtx0f0I9bVyhQKg7N7V5V2vqITiyFkDIbsXAVG6ghZJeoWLHkucY5qm1swC8db3-9RaAhuBygG3oqCfWTKlQzECJRT-4YRyO5bIWS6tzpwk0EOUkQ5IY763bAdxAO0O3ZI7rbM1om2vdz2vofkatXf1yX2DtgDogmDib0plriyjUrmxLWB0t9epoNceegBIeWuz_Xuf7qbfiVeScdNH4lNVL_dDU--tLgIk7PPZpbJe49tA6F5xHhmumAHLV-FV0bbtcog_hKFcOn8ppH4iWZ3g5HEzJ2nu01eaURRVWnpENDLF6x-bbgJnfFqXeS1mzLJ7evZcQ948Zh7RC8naCiZR4D54OAU7wDasJS6qCZOu9Xd4813evitQX3521EZ93AnF0cXc8MxneDUyA6VuSrC-AHp10BG5t9q3HnEIT5DYVcD2Ou0DAY0G59PBz7mTCrB2X_kPimOQI_z6Vq1grZ9Nn_yCQkx0sw-lm4A7niSmw3oX1GYc4bFol6rwXsnzs9cLanIB4aXsseaB4Hx-6l-VmdhkFgC4HnNW9edJHcbXs6jMNPUa-BeY7C2T_cqd-ddk26WdvcT5fO0zAjU0uI7FnyCWT1VLnFqmmJ_JcTJT1v3h00nQIclsepi9tUHas9vfR-NY_zrso6havUrDQgJfpN6NY9mTXfn6Wuy5dDh_CIsP1hO0ngpvk_tZRgrK5sZGTxg9-4eappkL-SycDn-KuRjFYlEzo5ks11YD17SzSv1plnfhGUZ83qf_TmI-97Ncuojqdr0t7wqAMKLJT9rn-KVWixTVaF5WRxd3_XBulsFhpB4fkiyommmq_L1ilwJILtabRKWSxHdji6bnVeSA7hHh9iKdgAP7AsPu2TlD0yBtfQi5-l3R7rjRV9HM3WoEDIPrVACnBxpYUOxEbc3zU5Nqzv6VMA5gvlqMpPa8X6RmZPE1wfgHlcJa9skUhUmdTm5xvXp4VSn3HhUl4oU94vrCA1r9yY2UB477n5Qmv8QoeNEueCxNAHnymp1YYRLPeeusaRozr179a3g4rErPgnfB5VgkIqnE8sZX3m5yS4704rAZCSYF33bKVBva3oozHShiOwuLPFt5xGxSBO6Q1zxFwdhoCc2lyDmmyQKJy_nDqiPRDHvjcmHPyF3paW1a8FF4lI7mpCnGzCsYG_aGkwedcCSeE-mYBNDUIHi-Mp6gEDQUyLDwKDtrVxzd1UJUAwk9CJpZj6Tnassi5Zorr4Ddn-ZbXXv1KE4J48AuFLPT5SCKcy4oV9jQnDqoITAIvarOHskwMa5SuSFEYKx4jVyW3NYiDFrajDBW_XQj6Tw_QLbGGmBFqVTfYySNrgiFw0JIWN1zq2sOYK9W4-4_EX89PDxWfaJKAvAqOZBymYmZpsBwhOBo6hEWD3nXJwJVyKSpSlwutZwf6tqv1nFJKM338aeSs9mEej-jkGl1_UO8wTmZhLDMYW8772JFXVtwieUi3Mm2F8MH3tfnJIWoyfNW215uHVTA9ciWcWqnE84YqFFlkl5evO6sdLvaptLUtNYsVoaeaGLh_Vm5mI3HPJgJEzXOiugI1d_96L0F3OWg7-GbnVVGP6aijJMnPRL5g0JUPIfYs45wuFNRGvPQlmeYLyZSdeXSVsSYDIItGbtssGvT003lh6oeqZvyLBpcIKZ3r5J5aMsVTqeC-VBJpKH-QP1J39xkNYdLb1Km7iMH5Ky39NGJ4c16-1OD0VjqA7FpRtpBYX1hh-mHZS0BJSTl1YWuLVXA0ihuLwTsJjDe728fQ9OtRbYpNysWlLK_hMuqINfBqm75eQwQQAY7kuoHctGHJsjVZBHlqCOGTA-Lsyy8mbqXIjH-VzfOH1HoiuPh0cDLPuhFBrRP2gmR-n8VV_PPggsnQVmob3FoQej74tCTAkhmXkZO2tySA2SZGa0ukxgpQAKSHrDMVb5IicWwB3bhZAsW1WVjo9bjuKyajGf8fZrM-frVB9sK52XOPasK55RZWkTW3t_9zeNtNOn50ssfnZvmlDeE8LNdEhutsvjQLi_UKRmXgKlmXqrZ9f-isCUTQlNyAeUy7EB5RSVtT1LjBunZT0hqB9lr3Eg5duU1M8ymeGgmozEgmKUk3ArE6p0uPUzy_0LbseNrWreMjgYL9DGjX20LbUAI_ANOctmL5hSB6PvK-szOgLYshAtX3BvZZVWfRpJyB_KoIE0uv_Nnsvi3mF8QkqfSJD2mDsR1bdsTODaGIQgz7iRTdRZpgpZyIhhedsPBhKUAuMQhc9kuTUF679Eafd6VuHsGAvG0FIOnqDzW19gX4QB28H-wfpg7Xj3SW2s9RDQSw0ZDBdPcHnzH6HsRUlhwkYaEqsZZHHQKhNTOBUXt8Cj-itOEmG5CIQH1DQiy8sCTgv7mJIorJY7txVvipY3RG-OixLVvZx_jpEjwKnZ75HzL_1I51L2eJn9L5ZlPD_tMHlkxdI_bzTsZTMbX2mZwsK-Rpae7S1ca6bSV_QqiPxXDaHFcLT5tvW0xNMvqulbl34UY0WMDidZ5wAB_o_g2xCb-hwk7PqCQEaulKjhDClNfrw-zmghWPKX-tUCgkVxN-ovMQwEEFIS9zrHT3v0qrFwLswYP5iXSxlUXsLPEbWaMqC46NeebB0Xe6TqJPJkDkrtp5oyQRZqZ4omn0gAiFQV5Fjt41gEoHcdAw_pAi4cVdarQYpSb7hsaMGX79r-MNkJXoM0CPauHcRzVVDyDx2hohNX97GFPxWAIfLnDf_2QfeUjsT0JMAoSRAc8P-j60Cc9SBmA4Ded66XmsJkNFU3np_9qCqOLAREmAnqprgC-Wem5iFq_qIB47Ecdd75k4yTNW19RoY&cid=CAASEuRoqPqUyfs-um0ZBz-WpvN1mw&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:52:33 GMT content-encoding gzip x-content-type-options nosniff age 286 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:52:33 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B47D	41 KB 15 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsWVi8cIBErvQa6Nzn15eHAZXdG0BBgxbW76zW4Dpq7zTCcan3Otu8rPv8AJzccT-IBzljIgA7YWpY4WohXluaPHSoDqH4wzDKbboiC-S-IW4QZ2S3mJKp8Y99cnBaVqBU0G4K203Qsfz6XmXOcPpD_kTAVA&dbm_d=AKAmf-CSNA7vQwwdh48WV5a8sz0ajj0A_uRsXYCbZeHG9Swi5aYdhz2TKVgHAoUuthQgI3iOqysZY5ZOLfHwwJP7R3WTqW63VWzyMDrXlFWQTGnsnF7591JhyQ43z8t8LBDW0PW83oo2inHiXByhKYly6_bfo3F0_SkR1_7mOctJm5IrE9huaFYWVw2agH7kfh2C9JeUd2dujdKblpt3Jvgtx0f0I9bVyhQKg7N7V5V2vqITiyFkDIbsXAVG6ghZJeoWLHkucY5qm1swC8db3-9RaAhuBygG3oqCfWTKlQzECJRT-4YRyO5bIWS6tzpwk0EOUkQ5IY763bAdxAO0O3ZI7rbM1om2vdz2vofkatXf1yX2DtgDogmDib0plriyjUrmxLWB0t9epoNceegBIeWuz_Xuf7qbfiVeScdNH4lNVL_dDU--tLgIk7PPZpbJe49tA6F5xHhmumAHLV-FV0bbtcog_hKFcOn8ppH4iWZ3g5HEzJ2nu01eaURRVWnpENDLF6x-bbgJnfFqXeS1mzLJ7evZcQ948Zh7RC8naCiZR4D54OAU7wDasJS6qCZOu9Xd4813evitQX3521EZ93AnF0cXc8MxneDUyA6VuSrC-AHp10BG5t9q3HnEIT5DYVcD2Ou0DAY0G59PBz7mTCrB2X_kPimOQI_z6Vq1grZ9Nn_yCQkx0sw-lm4A7niSmw3oX1GYc4bFol6rwXsnzs9cLanIB4aXsseaB4Hx-6l-VmdhkFgC4HnNW9edJHcbXs6jMNPUa-BeY7C2T_cqd-ddk26WdvcT5fO0zAjU0uI7FnyCWT1VLnFqmmJ_JcTJT1v3h00nQIclsepi9tUHas9vfR-NY_zrso6havUrDQgJfpN6NY9mTXfn6Wuy5dDh_CIsP1hO0ngpvk_tZRgrK5sZGTxg9-4eappkL-SycDn-KuRjFYlEzo5ks11YD17SzSv1plnfhGUZ83qf_TmI-97Ncuojqdr0t7wqAMKLJT9rn-KVWixTVaF5WRxd3_XBulsFhpB4fkiyommmq_L1ilwJILtabRKWSxHdji6bnVeSA7hHh9iKdgAP7AsPu2TlD0yBtfQi5-l3R7rjRV9HM3WoEDIPrVACnBxpYUOxEbc3zU5Nqzv6VMA5gvlqMpPa8X6RmZPE1wfgHlcJa9skUhUmdTm5xvXp4VSn3HhUl4oU94vrCA1r9yY2UB477n5Qmv8QoeNEueCxNAHnymp1YYRLPeeusaRozr179a3g4rErPgnfB5VgkIqnE8sZX3m5yS4704rAZCSYF33bKVBva3oozHShiOwuLPFt5xGxSBO6Q1zxFwdhoCc2lyDmmyQKJy_nDqiPRDHvjcmHPyF3paW1a8FF4lI7mpCnGzCsYG_aGkwedcCSeE-mYBNDUIHi-Mp6gEDQUyLDwKDtrVxzd1UJUAwk9CJpZj6Tnassi5Zorr4Ddn-ZbXXv1KE4J48AuFLPT5SCKcy4oV9jQnDqoITAIvarOHskwMa5SuSFEYKx4jVyW3NYiDFrajDBW_XQj6Tw_QLbGGmBFqVTfYySNrgiFw0JIWN1zq2sOYK9W4-4_EX89PDxWfaJKAvAqOZBymYmZpsBwhOBo6hEWD3nXJwJVyKSpSlwutZwf6tqv1nFJKM338aeSs9mEej-jkGl1_UO8wTmZhLDMYW8772JFXVtwieUi3Mm2F8MH3tfnJIWoyfNW215uHVTA9ciWcWqnE84YqFFlkl5evO6sdLvaptLUtNYsVoaeaGLh_Vm5mI3HPJgJEzXOiugI1d_96L0F3OWg7-GbnVVGP6aijJMnPRL5g0JUPIfYs45wuFNRGvPQlmeYLyZSdeXSVsSYDIItGbtssGvT003lh6oeqZvyLBpcIKZ3r5J5aMsVTqeC-VBJpKH-QP1J39xkNYdLb1Km7iMH5Ky39NGJ4c16-1OD0VjqA7FpRtpBYX1hh-mHZS0BJSTl1YWuLVXA0ihuLwTsJjDe728fQ9OtRbYpNysWlLK_hMuqINfBqm75eQwQQAY7kuoHctGHJsjVZBHlqCOGTA-Lsyy8mbqXIjH-VzfOH1HoiuPh0cDLPuhFBrRP2gmR-n8VV_PPggsnQVmob3FoQej74tCTAkhmXkZO2tySA2SZGa0ukxgpQAKSHrDMVb5IicWwB3bhZAsW1WVjo9bjuKyajGf8fZrM-frVB9sK52XOPasK55RZWkTW3t_9zeNtNOn50ssfnZvmlDeE8LNdEhutsvjQLi_UKRmXgKlmXqrZ9f-isCUTQlNyAeUy7EB5RSVtT1LjBunZT0hqB9lr3Eg5duU1M8ymeGgmozEgmKUk3ArE6p0uPUzy_0LbseNrWreMjgYL9DGjX20LbUAI_ANOctmL5hSB6PvK-szOgLYshAtX3BvZZVWfRpJyB_KoIE0uv_Nnsvi3mF8QkqfSJD2mDsR1bdsTODaGIQgz7iRTdRZpgpZyIhhedsPBhKUAuMQhc9kuTUF679Eafd6VuHsGAvG0FIOnqDzW19gX4QB28H-wfpg7Xj3SW2s9RDQSw0ZDBdPcHnzH6HsRUlhwkYaEqsZZHHQKhNTOBUXt8Cj-itOEmG5CIQH1DQiy8sCTgv7mJIorJY7txVvipY3RG-OixLVvZx_jpEjwKnZ75HzL_1I51L2eJn9L5ZlPD_tMHlkxdI_bzTsZTMbX2mZwsK-Rpae7S1ca6bSV_QqiPxXDaHFcLT5tvW0xNMvqulbl34UY0WMDidZ5wAB_o_g2xCb-hwk7PqCQEaulKjhDClNfrw-zmghWPKX-tUCgkVxN-ovMQwEEFIS9zrHT3v0qrFwLswYP5iXSxlUXsLPEbWaMqC46NeebB0Xe6TqJPJkDkrtp5oyQRZqZ4omn0gAiFQV5Fjt41gEoHcdAw_pAi4cVdarQYpSb7hsaMGX79r-MNkJXoM0CPauHcRzVVDyDx2hohNX97GFPxWAIfLnDf_2QfeUjsT0JMAoSRAc8P-j60Cc9SBmA4Ded66XmsJkNFU3np_9qCqOLAREmAnqprgC-Wem5iFq_qIB47Ecdd75k4yTNW19RoY&cid=CAASEuRoqPqUyfs-um0ZBz-WpvN1mw&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:46:47 GMT content-encoding gzip x-content-type-options nosniff age 15032 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 21 May 2022 16:46:47 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 6CF3	22 KB 8 KB	8ms 7ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7652 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	30ms 29ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxMDkifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMwOTcwOSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8xIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMDk3MDkiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU0NywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxMDkifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:19 UTC
GET H3-29	200	zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response pagead2.googlesyndication.com/bg/ Frame 6CF3	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:32:37 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 30282 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5790 x-xss-protection 0 expires Sat, 21 May 2022 12:32:37 GMT
GET H3-29	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame B47D	111 KB 38 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:48:05 GMT content-encoding gzip x-content-type-options nosniff age 29354 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 22 May 2021 12:48:05 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame B47D	8 KB 3 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25708979.302401798;gdpr=;gdpr_consent=;sz=728x90;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C-miqrh6oYMmtMtWF-gaQ-aygDe-j5stiyaigtbgN2tkeEAEg9PnGJWD7gYCAiAqgAeLd28sCyAEJqQKLQ9jwJ220PqgDAaoEuwFP0FAip9Rh6tp2K-E9Jn2J_3GbViquQBdIz5kOAIcyb7Xyjh633oSC27vnROtay4FcRTtpDbBflGcLpwt2h-Jnczcg-ogF14FxML6LEuUkJE1gOz23ZxxPSPoCvpQO404tIpWlDRwmWjnTNdMFakxVkN-AKOE5FPSNl_bE5x6kXmNSuRZnJClVtXYh_r9tCF0TYkUjwR5RgylBmV1g1CoDCQ6MyMwJ0Xgw0VQzdidAcxmlXypcf_m2jQdawATuo9b7sgLgBAOQBgGgBk2AB4aipLQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0yMTc2OTI4NzcwOTczMzgxgAoDmAsByAsBgAwBsBPS_8wL0BMA2BMD2BQB0BUBgBcB&ae=1&num=1&cid=CAASEuRoqPqUyfs-um0ZBz-WpvN1mw&sig=AOD64_3HhCobXcHmvrMUUn0H1DQptGIHMg&client=ca-pub-6396844742497208&dbm_c=AKAmf-CJJsE3IHnjtGBFjsVPo0htOSWq-0_2bdhw40l4rZ3VcJn6Qy3F-H2uusdnIcu4WI5ebfLIGAztmiJPH_CEbMJckFWH0m-3FuXWslhKrf1OAwM_N48FxCtNveZ_iKfngV9kgAxbBbKwlgrEKLhqeC0rKzmX2w&dbm_d=AKAmf-CAtpR3W6lXDUWzRY7I7hUb7-X1EBjKd474O1ej_Sxz3wNYU_gvdLI-t5_t08QE4rn8HqOU0j_0Opwq5Qrx3WfQ3zOGgtNd_gYpOKrW9KTROGEhUE5sHlObYqPC6K56aV2ZLP-YKB9jBLTVn_F4MhlJPxbyfKuvPPug2IjFZfny4wgAf-c9lneOiPgFEQM7veYeT4p26Ptr5TczqQVn1lVLXCS64kJwIO2h_jLgeDQhK0VnKVI5Iw2AtaeNYJQ9YwcyRc2sSjoV6qivIiF8zQ6ASMXe2Bl7gVccjp-z9zF9eSwohCXKfLHAU1rVzqFLCfllFqz39VBw_oyqTNULWOTGPK8lI5sGA-Y9C4JTHCGO1CjHGGuCdvaeNrtfylJef5UDeCA053o4elKhpPv0DnvUpSNv_NO-bTg5Nlu2dckpOch86aG_eUE1f8ElOktkrv9XjSJz&adurl=;ord=1621630638825033;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=? Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:54:13 GMT content-encoding gzip x-content-type-options nosniff age 186 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 04 Jun 2021 20:54:13 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame A0CA	1 KB 749 B	6ms 6ms	Document text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Fri, 21 May 2021 06:38:34 GMT expires Sat, 22 May 2021 06:38:34 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 51525 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame B47D	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b7cd8bd83b654263a61a9335e965f7054f0e60ba208353f44fb507c2428e0e62 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 36D1	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 21 May 2021 18:49:47 GMT expires Sat, 21 May 2022 18:49:47 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 7652 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	4 KB 1 KB	7ms 6ms	Document text/html	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 865cbd5d416e753fc0db7f317ef9be9619614423709da21feee817e302ca0120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 1467 date Fri, 21 May 2021 16:11:46 GMT expires Sat, 22 May 2021 16:11:46 GMT last-modified Fri, 26 Mar 2021 12:29:19 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 17133 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame B47D	0 23 B	63ms 63ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvY3SkabdnSS4iMyJNxq2bFz1ZQrnxqeJSyBiQrj5A9YLBEBz3hHCzfRHs9d72XR4Pl6z7SUyfTMNDw98S7L9jFlsXAbrON-PUmjbG66MLgTt9cfE-ggPJ4aokw1AX8nrNBWhXR8Mdpvmwa67R1ECaUYbEpoviWc6DPmWSt5F8_EoG2tMp3oG-aFcIkjuQYlxc12VNvzJJnfIJlic7u&sig=Cg0ArKJSzGWQjklrH2o8EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=55&cbvp=1&cstd=54&cisv=r20210517.95406&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame A0CA Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBj6PrKIytywLXAbsD5qzuo&google_cver=1&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7wsCYUeAU... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBj6PrKIytywLXAbsD5qzuo&google_cver=1&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7ws... https://p.rfihub.com/cm?in=1&pub=20513&ssp=google https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819619990085727&expires=30&ssp=google https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7wsCYUeAUxWiGzBei&google_hm=Ev4mJ4P2Q3yrrCmH2JEvhg==	170 B 188 B	39ms 38ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7wsCYUeAUxWiGzBei&google_hm=Ev4mJ4P2Q3yrrCmH2JEvhg== Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUJyYPkbaQWjidAnHT-jde1MmROragDJYbGzHA_N_r982lYIGhAN2xvcWviw9QSCc0PLBWmFU_XOsKI7wsCYUeAUxWiGzBei&google_hm=Ev4mJ4P2Q3yrrCmH2JEvhg== date Fri, 21 May 2021 20:57:19 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame A0CA Redirect Chain https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESELy3pHz-jZf_YqXrDexljms&google_cver=1&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-... https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESELy3pHz-jZf_YqXrDexljms&google_cver=1&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-r6Z... https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-r6Z9k43r	170 B 188 B	40ms 39ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-r6Z9k43r Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 21 May 2021 20:57:19 GMT Server nginx P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUIoEPIeQS86uWn6RaszMu4yvV0xO2YtViZZ2NMBFO8bWhtUuonZmn3kIkBJxfVta90CJ6SXpKF5xPj7nnjZitF-r6Z9k43r Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame A0CA Redirect Chain https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEHPd6rssfq5I7fUsKJRLfgE&google_cver=1&google_push=AQvitUIDkY8Hu60o8P9-kM9kvqvGgiiFjxCGy0LwGeOT6NMTFKgj3FJ5eO7tjKTOR5Icd... https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIDkY8Hu60o8P9-kM9kvqvGgiiFjxCGy0LwGeOT6NMTFKgj3FJ5eO7tjKTOR5IcdA8xv3GWW2WlTn13YRvQ4pxaB44I9bk&google_hm=QWNYMlFKWnExU3dsRkhac2lFd...	170 B 188 B	38ms 38ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIDkY8Hu60o8P9-kM9kvqvGgiiFjxCGy0LwGeOT6NMTFKgj3FJ5eO7tjKTOR5IcdA8xv3GWW2WlTn13YRvQ4pxaB44I9bk&google_hm=QWNYMlFKWnExU3dsRkhac2lFd0FZelE= Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location //cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUIDkY8Hu60o8P9-kM9kvqvGgiiFjxCGy0LwGeOT6NMTFKgj3FJ5eO7tjKTOR5IcdA8xv3GWW2WlTn13YRvQ4pxaB44I9bk&google_hm=QWNYMlFKWnExU3dsRkhac2lFd0FZelE= Date Fri, 21 May 2021 20:57:19 GMT Server nginx Connection keep-alive Transfer-Encoding chunked
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame A0CA Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESECQnaKpkXnAPzBvj6kCEJUY&google_cver=1&google_push=AQvitUJ5VlbV7EAhWwiwq4bwnzcEchkWcUxi68Q1pRs7STeGn3RlsRoXFxQBh-jeTf7zAsSAt_SN0N2D-dD8H6DZ5Mmd6GHK7VH7 https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ5VlbV7EAhWwiwq4bwnzcEchkWcUxi68Q1pRs7STeGn3RlsRoXFxQBh-jeTf7zAsSAt_SN0N2D-dD8H6DZ5Mmd6GHK7VH7&google_hm=hNUQ3nE6w-MgMxsnfhbmUg==	170 B 188 B	40ms 39ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ5VlbV7EAhWwiwq4bwnzcEchkWcUxi68Q1pRs7STeGn3RlsRoXFxQBh-jeTf7zAsSAt_SN0N2D-dD8H6DZ5Mmd6GHK7VH7&google_hm=hNUQ3nE6w-MgMxsnfhbmUg== Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 May 2021 20:57:18 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ5VlbV7EAhWwiwq4bwnzcEchkWcUxi68Q1pRs7STeGn3RlsRoXFxQBh-jeTf7zAsSAt_SN0N2D-dD8H6DZ5Mmd6GHK7VH7&google_hm=hNUQ3nE6w-MgMxsnfhbmUg== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id 2hn2up1ag9vt94d38flvk3bn0p7ak4a6
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame A0CA	0 478 B	143ms 33ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAQvitUJU3voPnJ-qnnKBg5-2M9qzFyYdlhPELsyeVGquxMTtaKC-aOWYgd_BOp61Fpk4u-ByHITMl0LnjbP6aCCDDvFVj1LKYLJJ%26google_hm%3D%5BUID%5D&google_gid=CAESEGaSZvfh3w9wTsO0RuyK1k8&google_cver=1 Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 May 2021 20:57:19 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-129 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame A0CA Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGiscWBihNEtP66JU28KO2I&google_cver=1&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnz... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGiscWBihNEtP66JU28KO2I&google_cver=1&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnz... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnzJOfjcBP2STU&google_hm=a672f2f740745ea6045d6635	170 B 188 B	39ms 38ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnzJOfjcBP2STU&google_hm=a672f2f740745ea6045d6635 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 21 May 2021 20:57:19 GMT Server nginx Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUI3RpzVdMDCB48sbjD_WCHTHkopm0Q9IQJFQ8hhpKsfX0hv3NCBuQZm6xs9ee0Go9hAOFjEKEC11xHcLnAnzJOfjcBP2STU&google_hm=a672f2f740745ea6045d6635 Access-Control-Allow-Methods GET, POST, DELETE, PUT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame A0CA Redirect Chain https://cs.media.net/cksync?type=g&google_gid=CAESENYSiABaIJr03DPsB-JT7Zk&google_cver=1&google_push=AQvitUK7vMqnNs6xUdPchkuSEUndss01T8bZWe8ku1D08z5L0KVCzT-8NTD6uSj07i6RodJx2b_9pyhlEUT5ZEA93_2D1ogKNLrP https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&mn_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK7vMqnNs6xUdPchkuSEUndss0...	170 B 188 B	39ms 38ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&mn_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK7vMqnNs6xUdPchkuSEUndss01T8bZWe8ku1D08z5L0KVCzT-8NTD6uSj07i6RodJx2b_9pyhlEUT5ZEA93_2D1ogKNLrP&gdpr=&gdpr_consent= Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 May 2021 20:57:19 GMT Server Apache P3P CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Location https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&mn_hm=MjY0NjMyMjM5MjEyMjc1MzAwMFYxMA%3d%3d&google_sc=1&google_push=AQvitUK7vMqnNs6xUdPchkuSEUndss01T8bZWe8ku1D08z5L0KVCzT-8NTD6uSj07i6RodJx2b_9pyhlEUT5ZEA93_2D1ogKNLrP&gdpr=&gdpr_consent= Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html Content-Length 154 X-MNET-HL2 E Expires Fri, 21 May 2021 20:57:19 GMT
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame A0CA	0 12 B	38ms 36ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVBMbyxVi4Jg0PATyk-0uSCV2UcAvJEcF9XMofM1cUd1T9OseXn-1er4V0N8drYl04s11p Requested by Host: 496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com URL: https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT server HTTP server (unknown) alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Show response pagead2.googlesyndication.com/bg/ Frame 36D1	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/NEBu3pajZdeXNrzBMTKKpDrnjihkyh5N8uMAWlauysY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 34406ede96a365d79736bcc131328aa43ae78e2864ca1e4df2e3005a56aecac6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 12:31:35 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 30344 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5770 x-xss-protection 0 expires Sat, 21 May 2022 12:31:35 GMT
GET H3-29	200	style.css s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	1 KB 547 B	7ms 7ms	Stylesheet text/css	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac40c14f16707c8f0059be19b098ca526315af227a4ea52f2e8516fa111885a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:11:46 GMT content-encoding gzip x-content-type-options nosniff age 17133 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 523 x-xss-protection 0 last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 22 May 2021 16:11:46 GMT
GET H3-29	200	main.js Show response s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	1 KB 540 B	8ms 7ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 90206bdc0854c3a77cbba9a0ded2601d7d760cf7a36cf6c90c71ba0776f94cb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 16:11:46 GMT content-encoding gzip x-content-type-options nosniff age 17133 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 516 x-xss-protection 0 last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 22 May 2021 16:11:46 GMT
GET H3-29	200	tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame CE9C	110 KB 37 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:19 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37930 x-xss-protection 0 last-modified Tue, 20 Jun 2017 21:14:35 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 21 May 2021 20:57:19 GMT
GET H3-29	200	back3.jpg s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	15 KB 15 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/back3.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 01fa3ab7c10c39072937c36c143d21a2fece1669f001c9c18a35972f10d2c86d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15301 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
GET H3-29	200	text3.png s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	1 KB 1 KB	7ms 6ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/text3.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9763783ea9294dacc571d5b06fc620e04f4fd3706d9785f47eb0a9f3eb664269 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1225 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
GET H3-29	200	cta.png s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	1 KB 1 KB	9ms 6ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 903f7ee3f07c8b7d0f714158fa9941851a0714a21317d76d235952462652d1f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1435 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
GET H3-29	200	nissan_white.png s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	1 KB 1 KB	9ms 8ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/nissan_white.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c7d7a998e21639a66f503ef12f28d7c4d0c25ada291e91c59cac88b2c346300d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1513 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
GET H3-29	200	text2.png s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	3 KB 3 KB	8ms 7ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/text2.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6f107ea7afe92f40008ac28ace9e78f6caa1f015a9bb835634c7752635b44b70 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2795 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
GET H3-29	200	ml.png s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	395 B 417 B	10ms 9ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ml.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf298f06925d8b83a285b2efce29c5efc2613e7583970e338e4afebb2576687e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 395 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
GET H3-29	200	text1.png s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	2 KB 2 KB	9ms 8ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/text1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 34bfcce44226fc93e0f61a1e34bf4dfe74d2cc215c04a987579c68546f5083f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2518 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
GET H3-29	200	logo.png s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/ Frame CE9C	4 KB 4 KB	10ms 9ms	Image image/png	2a00:1450:4001:82f::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b24dc8a933c87b9fb41c7714d6d88c99110da0538922f9da9a397548a155e270 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9929072/1616761759395/MICRA_728x90_PROFITEZ_EN/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 13:36:11 GMT x-content-type-options nosniff last-modified Fri, 26 Mar 2021 12:29:19 GMT server sffe age 26468 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3771 x-xss-protection 0 expires Sat, 22 May 2021 13:36:11 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame B47D	0 23 B	63ms 63ms	Ping image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvY3SkabdnSS4iMyJNxq2bFz1ZQrnxqeJSyBiQrj5A9YLBEBz3hHCzfRHs9d72XR4Pl6z7SUyfTMNDw98S7L9jFlsXAbrON-PUmjbG66MLgTt9cfE-ggPJ4aokw1AX8nrNBWhXR8Mdpvmwa67R1ECaUYbEpoviWc6DPmWSt5F8_EoG2tMp3oG-aFcIkjuQYlxc12VNvzJJnfIJlic7u&sig=Cg0ArKJSzGWQjklrH2o8EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=209&vt=11&dtpt=154&dett=3&cstd=54&cisv=r20210517.95406&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6CF3	0 20 B	40ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYDcIrx6oYOjXFKjc7_UP-eieoAkAAAAAOAHgBAI&bg=!2dql2p7NAAZ7hX_Ue4U7ACkAdvg8WomxexBOMSvyDueAg6Fh7-7fgxSpQEk4_MBsoxCiKrsLbMHTDAIAAACpUgAAABFoAQeZAolxEKIh3YGZ70DwDCLUcvflKu6UzqKawGHcQFvFLit7CZR4eWw_I0opx__ykxj5Pk9EPmdpu8_RFiIBXSb2U25up_KJ5d6yZlxyY223OzJoGWN3Emy3uPIbZWdXNsqH8hz92xszsPMcac2oMeIc1NljH7-B5HNQWDpxK2gnioNkIzBGLRKCrvnJwDGMFv-MfLroZ0eqdGT50X3fbuW-zjana2Z4pvaXJecVuEg1RBTJmHHbghhJHEZXSQT2rApE0d1B1EyEsDZFRaM4lNDwPt6GN8uw2nHcxTrVASeQZxDHIDrI-mvZAwfPVGV6arUpgHjtvFSwjGcnzOTmho8G1eENxsKDOUoHpjFY-YB_iAA8Ta3Q83xOJ0Wqe1w99I0qUd6AUxnwMGLmuSXfrBpR3CJsIlfUL5mV914uUE_AcUSVrUj-PPbdpjVbfTd3gJEAepiSaiVVn4wyjMpRjKAV5Gd52jYhox5MbUeCJ-bRWa9d_3y5E_uzCHG8czyW0JjS2BOj1tovOWTM-QSBg0Jg3DiIMtDL8HJNKKatsoMXK4m6oBm01skX_g9tdJYQI5pFDfpR8AvVadR_i8j-ot0Z7r2-llMNjq4u7zeva7m2VnBwwEsgyY6RR25dHrkXuz9ka1wL6S0_UawF9AqIPN1YfxXjgyiBAW1t72hffWjPWQOEyvOHJDpCxzEaXuyJa8Flf33bTLi6VXEThEXc2QJpcAcvhmhsgm-a8eQleioq8OOLUC9fb4g9AT8dT-Fa3ohLtgwMewJlgQQsVnIrPUY9eX0UDtsvOqRazyaNuqXBEQUrzytB8AL26KZdCs5NZl9STi3gXNmrQrMD2ks4M84dKCRwSny45zEBz48j Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 36D1	0 20 B	40ms 39ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfPAqrx6oYPDjFp6t3gOBmZ6YBgAAAAA4AeAEAg&bg=!ISKlImbNAAZ7hX_Ue4U7ACkAdvg8Wnem5a6m5A-pPXRE8_1294iNgr2dxis3jYPf9GpY9vz3FspF9wIAAACCUgAAAApoAQeZAoZib7evgbt0lQYOc520CdxW9wF2w8WjXzgBGK82l2exOihqv5f7KDbVEQhpfte2Udq-c7m_nvVLAzOeGb_F2rpmhFEwDYr1Mn6iNTAqyE3m6n_Ph7Z1RSZonfeKDNb6QbslQdXd5ocEaSBH-1ota7tMR_Eq3Kl-GSayZUFNFC8Wk_CuRWs2cj8UVPQI37KnBeV_YqI3t50iKdSI9CCWixhCKR8REa8c-S9GOo2OBt-8IRQYbEpHioFpI8L3jeySMFiIfa55EPGbCYsWEzvs6hBoC12U13XhCPtQfp0Rc4nwT8Q7ScssjNpv1aMNY_oxNoXvuTlYylQrTPgrrHVcgZiwrMy22gH4ypLYRqHe0aF81bVrKD3bPUVto6DWK_SgmCxKc7pHwyevXTf0n2sq9rdJmHfNel2GRWnRbOmgdZBF0uNygIovAwSgDD4YZnOtDsHXtwmZhtY5qvHWBVtSy8PXAFx54FlF61poG7slDT4xnbC1axc0A1p0DN2QgXiSosJ-hRPGsdpiKX9PKmupeSOFGKn8onDiwrweLpCP4AhYs66V7rdsMawcQGCsxhzhTZmuhg4tUavq33BEg0d3Dq5kGG6iLXuQdOElJX0iL0-JGYpJcO5PNhBolWyHJIAFlQUUDJsqV8ShxPYkjbHSqY866oCjQNwmoBY2iYhdvx3lEp5lr8XpaUGOz8pUxlG2abtgiVNYyoOFJib2-Qvmsbx357Q0eGsb55OGPs5LuCkNZw92Zbmn3JHQ3A6T89zoz3kDU4O1dOWXw1XG78t0LueQlaZFfoAmmjhFbhRBT08gMRY65v63uPk7M1MK163AlIrw-q8MPGmi8rTfNJ0fmxQj0CpEe-81 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	31ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:20 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:18 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B47D	42 B 64 B	46ms 46ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6pNBpRIEg3PZjGprOQySBOPRoSbwpZaTz75Lv2iWXWRB3g4sUpryW_Zhk-gqqFevccYTnZo7jHQE0WvO6Sj7ZPKohDjWIsGBB2ip41ehr4xzAghXzEH4AePb50A&sai=AMfl-YTH0-Vxa_vuyCv8oTmVEVnwqZgl9LzcU3hp0d9oJvcsDbjWavq9apPsU5V4r3Zufi5bE9jhNGWNr6UeU0FVEqaBnohSH2l37tEKcdVQoPTDkedIAFX_5VI1PSw&sig=Cg0ArKJSzDoA-8EEztW6EAE&cid=CAASEuRoqPqUyfs-um0ZBz-WpvN1mw&id=lidar2&mcvt=1000&p=1108,436,1198,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2530142577&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621630639298&dlt=10&rpt=1&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B47D	42 B 64 B	39ms 39ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsoLNCj6J_Y8HjLlxqfFvFaXgNH1CAveRfOQHziiIMDXQi3uktG6_BaF_jQw33KWFr8NbyHVz6Z-gbatt81sBX1w&sig=Cg0ArKJSzC7lKkQsM7cpEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210519&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://496b1130e10ff9b2c97cad015bd6dc2b.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 21 May 2021 20:57:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	31ms 30ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMzEifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEzMzAxMjciLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE2MzA2MzMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiRlIiLCJwYWdldmlld19pZCI6ImU5NmNmZjkxLTBlYzItNDIyNy01NmJlLTU1ZGE0ZTFhZTE2MiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTMzMDEyNyIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTYzMDYzMywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJGUiIsInBhZ2V2aWV3X2lkIjoiZTk2Y2ZmOTEtMGVjMi00MjI3LTU2YmUtNTVkYTRlMWFlMTYyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMzEifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:20 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:20 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 65 B	31ms 31ms	XHR text/plain	3.126.196.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjI1MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwNzc3MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODcwODgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDQzIn1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-196-163.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOTZjZmY5MS0wZWMyLTQyMjctNTZiZS01NWRhNGUxYWUxNjIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxNjMwNjMzLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjI1MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwNzc3MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODcwODgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDQzIn1dfV0= pragma no-cache cookie ezouspvh=46; __gads=ID=4bd58e3fa3d01f28:T=1621630637:S=ALNI_MaOa95rYTHpKyZdpZBwmgUG8bqlyA; ezouspvv=160; ezouspva=4 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 20:57:21 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Thu, 20 May 2021 20:57:21 UTC