trovas.ch Open in urlscan Pro
18.156.95.187  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1

Request Chain 105

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXgm-mBaWgBCigW50CaQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1

Request Chain 106

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1

Request Chain 107

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D

Request Chain 108

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1

Request Chain 109

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXgm-mBaWgBCigW50CaQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1

Request Chain 110

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1

Request Chain 111

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D

Request Chain 119

• https://ad.doubleclick.net/ddm/trackimp/N778259.279382INVITEMEDIAINC.DON/B25532459.299143632;dc_trk_aid=491933801;dc_trk_cid=148122211;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement%22 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N778259.279382INVITEMEDIAINC.DON/B25532459.299143632;dc_pre=CNWFh9eY5PACFVaFgwcde7cCoA;dc_trk_aid=491933801;dc_trk_cid=148122211;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement%22

Request Chain 124

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1

Request Chain 125

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXgu2AWSiMrcp70XHXXgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1

Request Chain 126

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEKacxnuH9AHQ__R7wU3Dk7M&google_cver=1

Request Chain 127

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTIzMzUzNDc3MDkyNjQ1Mw%3D%3D

Request Chain 148

• https://pixel.adsafeprotected.com/rfw/st/720504/54772583/skeleton.js?ias_advId=tn270nDf&ias_campId=v1__amncamid__%ebuy!__49059328&ias_pubId=pub-6396844742497208&ias_chanId=v1__eHzN2tHl__1__${APPNEXUS_AUCTION_ID}__${TRUSTX_AUCTION_ID}__${IX_AID}__${OX_AID}__${PUBMTC_AID}__${RUBI_AID}&ias_placementId=v1__%epid!__549644393847793680__19415562&adsafe_par&ias_impId=ABAjH0gT9f6w6-IYpvn36tA3fYwa&adsafe_url=https%3A%2F%2Ftrovas.ch%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e44e96da-eea2-4ba9-64b5-f977b702969e,c:dBMWmi,sl:na,em:true,fr:false,mn:app30ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1,nbld:0,fm:syoWCi8+11*.720504-54772583%7C111%7C1121%7C121%7C1221%7C123%7C131%7C132%7C1331%7C14,idMap:11*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:403,oid:80330676-bd21-11eb-a88a-02f1c4264b70,v:19.8.201,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

Request Chain 191

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&C=1

Request Chain 192

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXh.yhqkzSmAHJ59rEfgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&google_hm=2

Request Chain 193

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEICZAW_XdaUP3GKVaLm9Ask&google_cver=1

Request Chain 194

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MTE3ODEwOTcxODkwMTMyNQ%3D%3D

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response trovas.ch/	98 KB 24 KB	455ms 352ms	Document text/html	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 2df008788a5e39471075061e9eca745e97f9f05edd3b1dae5ba0f71affa75dee Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :method GET :authority trovas.ch :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control max-age=0, must-revalidate, no-cache, no-store content-encoding br content-type text/html; charset=UTF-8 date Tue, 25 May 2021 06:21:53 GMT display pub_site_sol expires Mon, 24 May 2021 06:21:52 GMT pagespeed off pragma no-cache response 200 server nginx/1.16.0 set-cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; path=/ ezoadgid_174954=-1; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 06:51:52 UTC ezoref_174954=; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 08:21:52 UTC ezoab_174954=mod1; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 08:21:52 UTC active_template::174954=pub_site.1621923712; Path=/; Domain=trovas.ch; Expires=Thu, 27 May 2021 06:21:52 UTC ezopvc_174954=1; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 06:51:52 UTC ezepvv=0; Path=/; Domain=trovas.ch; Expires=Wed, 26 May 2021 06:21:52 UTC ezovid_174954=713473710; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 06:51:52 UTC lp_174954=https://trovas.ch/; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 06:51:52 UTC ezovuuidtime_174954=1621923712; Path=/; Domain=trovas.ch; Expires=Thu, 27 May 2021 06:21:52 UTC ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; Path=/; Domain=trovas.ch; Expires=Tue, 25 May 2021 06:51:52 UTC ezCMPCCS=true; Path=/; Domain=trovas.ch; Expires=Wed, 25 May 2022 06:21:52 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Accept-Encoding x-middleton-display pub_site_sol x-middleton-response 200 x-powered-by PHP/7.4.18 x-sol pub_site
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	62 KB 21 KB	165ms 57ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash 8e9aeb3566be18cd0e83753c196da8ba34ea6e22451f3005b690901022f8e463 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "882 / 583 of 1000 / last-modified: 1621894322" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21372 x-xss-protection 0 expires Tue, 25 May 2021 06:21:53 GMT
GET H2	200	dall.js Show response go.ezodn.com/hb/	262 KB 76 KB	42ms 23ms	Script application/javascript	2606:4700:3032::ac43:b890 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,luponmedia,oftmedia,pubmatic,rubicon&cb=194-4-19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:b890 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8af13c38cab8fd4032096e22c44fdf544c94f73922f227a69e0d8c8718c70611 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} server cloudflare age 434401 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PvcktugjudxzLjwxUDwiA45XcbjWo91bxnG0BtVc0BgDZmadksnw4Nj4P%2BRky%2FKKSLFAfK0Qx60zW%2FqdWUJMimewIZGEoJDkCb2W%2BQ4IkRJ4WS51%2BUu3OkETC3%2BlJafZEKkNOh8v"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 654caa86ba8f4ed3-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0a43c8e83100004ed3c506c000000001
GET H2	200	/ trovas.ch/	2 KB 768 B	96ms 95ms	Stylesheet text/css	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/?ff=1&pI=style.css&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / PHP/7.4.18 Resource Hash 6f0cee03cafba12a1684d4f70f2c7c1d9c3534e28c3b200e618657234b23a793 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /?ff=1&pI=style.css&wps=true pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol pub_site display staticcontent_sol, staticcontent_sol x-powered-by PHP/7.4.18 x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 content-length 593 pragma no-cache response 200 server nginx/1.16.0 strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	style.css trovas.ch/	15 KB 4 KB	96ms 96ms	Stylesheet text/css	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/style.css?ff=1&wps=true Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash ffcc632ac20394b6d29315f30b7f8672b1fbdf38f70e129857d1bef673d45e2a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers :path /style.css?ff=1&wps=true pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br vary Accept-Encoding Accept-Encoding,Origin x-sol orig display staticcontent_sol, orig_site_sol x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 content-length 3800 response 200 last-modified Thu, 20 May 2021 16:48:11 GMT server nginx/1.16.0 etag "3af8-5b452638c2480-gzip-gzip" strict-transport-security max-age=63072000; includeSubDomains; preload content-type text/css cache-control max-age=604800 expires Tue, 01 Jun 2021 06:21:53 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	88 KB 35 KB	38ms 19ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c59df86de3ceabe0f74d85b463089512b97960ef6e98ee791673508230443344 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35794 x-xss-protection 0 last-modified Tue, 25 May 2021 06:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 25 May 2021 06:21:53 GMT
GET H2	200	banger.js Show response trovas.ch/porpoiseant/	43 KB 10 KB	58ms 53ms	Script application/javascript	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 6479a7112fd3ba54336deaf72ae4beb06258c65426d5e29d02ae524bbf18d600 Request headers :path /porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET H/1.1	200 OK	/ can01.anibis.ch/	62 KB 62 KB	242ms 73ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/727/931/038/ZoMs5D_WZ0GCTgqMfBYhtQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash fdc5304bd2fefcfba04311a2c0a15e0841cd182435307bffe2e4404a5b6da7d3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	31 KB 32 KB	260ms 81ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/690/931/038/4cPbcYU9kEWnyuBL-LEvWQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 131cd6fa0a68bfd40bf1f84b218ae7fd0f42f339591a646a7bd0289892c28275 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	33 KB 33 KB	234ms 54ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/750/931/038/3pHqE7q1f022grxgxzMEgA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 402c913ab537ba485c432ee5590f8f45ffe06e3a7d806a26626d575dd628d8c2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	35 KB 36 KB	255ms 74ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/832/931/038/ngZRVdMGr0mhSDyardormQ_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 47e760cb6b28a679c0a309e0d73306c1e6d6195e13ec7cb6cbdb76b3e82a20df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	25 KB 25 KB	253ms 73ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/796/931/038/VvmEhNcgh0CglQuZ7k9SHg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 58928be892e457fea65b8ea981ea41fcc0605d1c701b58b218e2712aa780564e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	73 KB 74 KB	287ms 89ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/829/931/038/FVMqLX-7CUy2oSFBjvvJ7A_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 03cad88ca95455721e8e2b57171617e62519415133f14147197949a55609ba1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	22 KB 22 KB	74ms 73ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/841/931/038/CQV15YuuFE2rM27jA_F6Og_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash d3e23cf440645508411646de2e4846a2d72595a0116be79edc50a898abe13a30 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	75 KB 76 KB	56ms 55ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/670/931/038/6JCKYe34XU-vQUB9O6_IJw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash d73f5dc63a4c837c51a512f4b9f120cebbba72c35fc10a7bf15e4a5944b11051 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	25 KB 25 KB	83ms 82ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/851/931/038/-r17xgNAnUeuM38hM_5lZg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 0ee636a7e00aae8ffbd18cb5a624335e8835b3d0db38510ade0d1d03530454e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	28 KB 28 KB	62ms 61ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/858/931/038/RK-XELeYZ0qka3qq063oFA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 6d83e5ead87b2d92b8e46e16db36371073937eccf36c0ea19ba76010d9447c6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	52 KB 52 KB	55ms 54ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/545/931/038/05L86s0edUmSpY9yKG2b1A_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash e705d5b706c300d11baec5075e8886a3871e8a997ad7ee2fdb714d796f25091d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	27 KB 28 KB	55ms 55ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/586/931/038/ix8JklEuVkalmdOCXyXQzg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash b8e55263b1a82a36af8019eac7d2f24b622475654c350c1e26af87f24b072dc0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	50 KB 50 KB	67ms 66ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/582/931/038/Vg7mT-XJnUqFcO9xHPsosg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 19e12c2e400de6956f0a1f9a065eb8da0ac8e60f60c828bb756b68d9f9df2e99 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	25 KB 26 KB	61ms 61ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/780/931/038/bxoZCOJX6kakpDD8NbPgsg_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash ed94d4271a951561d2395a5b647ae139ee319538d56d5738a5f64d3ee709174d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	23 KB 23 KB	62ms 61ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/666/931/038/Z9WPs1x1rE-7YzoJqHSqow_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 726576a97e73886ffe6cd6b7dc3f0d34ac5e4c5cbaa7ff19362b183dc354e9c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	37 KB 37 KB	56ms 55ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/601/931/038/XI8YuJKvvEO6_3MO3mwrQA_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 0aa2e6759c6940380da55b450fb2558ba1104aa2205992fce7a519b15822e7fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY Content-Type image/jpeg Cache-Control max-age=604800, public, no-transform Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H/1.1	200 OK	/ can01.anibis.ch/	61 KB 62 KB	52ms 52ms	Image image/jpeg	91.208.180.149 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://can01.anibis.ch/?1024x768/3/60/anibis/647/931/038/NdjvAqGD3E-4LJa0KdkEHw_1.jpg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.208.180.149 , Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS can01.anibis.ch Software nginx / Resource Hash 7689d5a1b109d21506efcd0c34c8078337add45625ec7784d376819da841d44a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 25 May 2021 06:21:53 GMT X-Content-Type-Options nosniff Server nginx X-Frame-Options DENY X-Cache HIT Content-Type image/jpeg Cache-Control max-age=604800 Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubdomains; preload Expires Tue, 01 Jun 2021 06:21:53 GMT
GET H2	200	ezosuigeneris.js Show response g.ezoic.net/	555 B 562 B	159ms 51ms	Script text/javascript	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigeneris.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 19de36934fa81faf186a937b2cb7ab0f0e0648b4f95de610a7300947221ba9a9 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br last-modified Thu, 20 May 2021 16:48:11 GMT server nginx/1.16.0 etag d0c4bbab4045b0c9809ad9d5ae8e0137 vary Accept-Encoding, Accept-Encoding content-type text/javascript cache-control max-age=999999, private content-length 275 expires Mon, 29 Apr 2020 21:44:55 GMT
GET H2	200	cmb.js Show response trovas.ch/detroitchicago/	122 KB 31 KB	60ms 59ms	Script application/javascript	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 84d543a63c33ffd371a2004921f114415ee02c597471a1fe08942ba6c14733fd Request headers :path /detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET DATA	200 OK	truncated /	70 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b112735cd560ccdafebb2cb9f6a66efb65e00721265a1ffab0ca3341105983d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5dabda3c6f0eb9c30d61aeaac42d50d81e247093f88bf51db72d7e97c6dea1b8 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 774ccf1a7033950e23c7f32b21b95d0b25d60427d63ff4abb0050b089a1b5612 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e5d50fdf7f7aad7bd8b8ee5edf248aa87a67ad96fbcf50e47f0ea79b7136e5b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 26fc62ddf511a15bff8db976341cfe15df8b15565c0ae142429505281c0d2e65 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	71 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3887bee994458c0ac3b29b007c47c18353cec87e118a679307ea33474230c69a Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	i3.png trovas.ch/img/	3 KB 4 KB	66ms 65ms	Image image/webp	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/style.css?ff=1&wps=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 2c3b7b288c8d0fa45fe3520a694e0b788a17036cdd4e27327fd3d6fc7d9d6ce3 Request headers :path /img/i3.png?ezimgfmt=ng%3Awebp%2Fngcb4 pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/style.css?ff=1&wps=true :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/style.css?ff=1&wps=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br age 63080 x-amzn-requestid e144958b-c0a0-4528-ac5b-dd45adc73768 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id f1Yb7HtHIAMFldw= content-length 3454 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60aba119-09a08d900190fbf73de7eac6;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA2-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id iYeeoiO0Cv0GXZRJp_1SlOWI8Jehv1FV5bhjQ6BmNaSL97i6Y5zCOA==
GET H2	200	houston.js Show response trovas.ch/detroitchicago/	3 KB 1 KB	49ms 49ms	Script application/javascript	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/houston.js?gcb=4&cb=36 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa Request headers :path /detroitchicago/houston.js?gcb=4&cb=36 pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex content-length 1163
GET H2	200	nmash.js trovas.ch/porpoiseant/	33 KB 9 KB	52ms 52ms	Other application/javascript	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/nmash.js?v=19 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd Request headers :path /porpoiseant/nmash.js?v=19 pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode same-origin accept */* cache-control no-cache sec-fetch-dest worker :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br last-modified Thu, 20 May 2021 16:48:11 GMT server nginx/1.16.0 etag "854d-5c2c5b56208c0;5c2c5b56208c0-gzip" vary Accept-Encoding Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 9 KB	24ms 7ms	Script application/javascript	2620:116:800d:21:51e4:db4b:4436:b305 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding gzip etag "WhyxmPkT7L77qVDcrjxwGw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Tue, 01 Jun 2021 06:21:53 GMT
GET H2	200	imp.gif Show response trovas.ch/detroitchicago/	43 B 128 B	52ms 52ms	XHR image/gif	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%221%2C1%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Warsaw%22%2C%22country%22%3A%22PL%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22e8f6fc7b-d109-4bcb-66ab-6675243a8c0b%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2202-822%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36939%2C%22response_time_orig%22%3A47%2C%22serverid%22%3A%2218.193.78.55%3A21548%22%2C%22state%22%3A%2214%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22t_epoch%22%3A1621923712%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1318%2C%22worst_bad_word_level%22%3A0%7D Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers :path /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A0%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%221%2C1%2C1%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Warsaw%22%2C%22country%22%3A%22PL%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A174954%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22483%22%2C%22iab_category_1%22%3A%22539%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22e8f6fc7b-d109-4bcb-66ab-6675243a8c0b%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2202-822%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A36939%2C%22response_time_orig%22%3A47%2C%22serverid%22%3A%2218.193.78.55%3A21548%22%2C%22state%22%3A%2214%22%2C%22sub_page_ad_positions%22%3A%221100%2C1126%2C1126%2C1126%22%2C%22t_epoch%22%3A1621923712%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ftrovas.ch%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1318%2C%22worst_bad_word_level%22%3A0%7D pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br server nginx/1.16.0 vary Accept-Encoding Accept-Encoding Accept-Encoding content-type image/gif x-middleton-display imp_sol cache-control no-cache, no-store, must-revalidate, max-age=0 content-length 47
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	ezosuigenerisc.js Show response g.ezoic.net/	0 54 B	53ms 52ms	Script text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/ezosuigenerisc.js?nogen=1 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT cache-control max-age=300, private server nginx/1.16.0 content-length 0 vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8
GET H2	200	tr.jpg trovas.ch/img/	4 KB 4 KB	112ms 111ms	Image image/webp	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/tr.jpg?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash 9c966e431778c1dcb42ef3389115f209f07d8d04bf0b221504425fc81159dafc Request headers :path /img/tr.jpg?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br age 60654 x-amzn-requestid 64a10ad0-bee7-45e5-a1c7-9ab99479ff2d x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id f1eXBEYmIAMFdtg= content-length 3656 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60abaa93-651b9e5e2cc1badc16da3f9c;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA2-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id 2WWLb2QBoKlNU3nnywSxU-mQFmYN7x24KMzT4t6VjpYJV5tUhy3SeQ==
GET H2	200	arr.png trovas.ch/img/	3 KB 3 KB	63ms 63ms	Image image/webp	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://trovas.ch/img/arr.png?ezimgfmt=ng:webp/ngcb4 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash f3d9b11f0214ef1686c1e744aac68cdb7f00d0fca136bc211c4fe42290d1c797 Request headers :path /img/arr.png?ezimgfmt=ng:webp/ngcb4 pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding br age 68053 x-amzn-requestid 0fa57aeb-0331-4b6a-864b-43b881e56027 x-cache Hit from cloudfront x-middleton-display staticcontent_sol, staticcontent_sol x-middleton-response 200 x-amz-apigw-id f1MS0Gl3IAMF_8A= content-length 3180 display staticcontent_sol, staticcontent_sol response 200 server nginx/1.16.0 x-amzn-trace-id Root=1-60ab8dab-1f88964d27bfba980a10187c;Sampled=0 vary Accept-Encoding Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront) cache-control public, max-age=2592000 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id NrhuH8teD6OZAN7P0IGrEIhcUR2k5pUepY9DCtCRssFEdnzgjARzkg==
GET H3-29	200	pubads_impl_2021051901.js Show response securepubads.g.doubleclick.net/gpt/	310 KB 109 KB	65ms 65ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash 6ac5dc61ad3c547afd1e7eb3594daecd75ab2eda5e53a15c5fb52bb2c60ddd13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 19 May 2021 08:40:12 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111403 x-xss-protection 0 expires Tue, 25 May 2021 06:21:53 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-4377331-90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 3117 date Tue, 25 May 2021 05:29:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Tue, 25 May 2021 07:29:56 GMT
GET H2	200	rules-p-31iz6hfFutd16.js Show response rules.quantcount.com/	3 B 428 B	24ms 6ms	Script application/javascript	2600:9000:211e:1800:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-31iz6hfFutd16.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:1800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 17:14:39 GMT via 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront) age 47234 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 3 last-modified Sat, 04 Mar 2017 19:50:24 GMT server AmazonS3 etag "8a80554c91d9fca8acb82f023de02f11" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop FRA56-C2 accept-ranges bytes x-amz-cf-id _XElkv_P_klCs15pumQr86tBFKpMe1t1T67gZ4pv3jH13D6QEwsdlg==
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	27ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1642158966&t=pageview&_s=1&dl=https%3A%2F%2Ftrovas.ch%2F&ul=en-us&de=UTF-8&dt=Dein%20Gratis%20Inserate%20und%20Kleinanzeigen%20Marktplatz%20-%20trovas&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=624442857&gjid=253709463&cid=1644844855.1621923713&tid=UA-4377331-90&_gid=947538500.1621923713&_r=1&gtm=2ou5j0&z=150853531 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 25 May 2021 06:21:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://trovas.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 104 B	47ms 47ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6InVuaXZlcnNhbF91c2VyX2lkIiwidmFsIjoiZDBjNGJiYWI0MDQ1YjBjOTgwOWFkOWQ1YWU4ZTAxMzcifV19XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMjUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6InVuaXZlcnNhbF91c2VyX2lkIiwidmFsIjoiZDBjNGJiYWI0MDQ1YjBjOTgwOWFkOWQ1YWU4ZTAxMzcifV19XQ== pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:53 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:53 UTC
GET H2	200	pixel;r=634593524;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-56677132-1621923713327;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-... pixel.quantserve.com/	35 B 371 B	11ms 10ms	Image image/gif	2620:116:800d:21:51e4:db4b:4436:b305 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=634593524;labels=Domain.trovas_ch%2CDomainId.174954;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Ftrovas.ch%2F;uht=2;fpan=1;fpa=P0-56677132-1621923713327;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=trovas.ch;je=0;sr=1600x1200x24;dst=1;et=1621923713327;tzo=-120;ogl=image.https%3A%2F%2Ftrovas%252Ech%2Fimg%2Ftr%252Ejpeg Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:53 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.pl/adsid/	107 B 799 B	48ms 14ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.pl/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	34ms 14ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:53 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	48 KB 17 KB	557ms 557ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=955085961454281&correlator=4239388552490070&output=ldjh&impl=fifs&eid=31061260%2C31061270%2C31060976%2C44742768&vrg=2021051901&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-box-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x250%2C300x250%2C300x250&prev_scp=a%3D%257C124%257C%26iid2%3D163584%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-163584%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D8%26br2%3D4%26ezoic%3D1%26nmau%3D3%26mau%3D0%26stl%3D37%2C14%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%7Ca%3D%257C251%257C%26iid2%3D163584%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-163584%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D8%26br2%3D4%26ezoic%3D1%26nmau%3D3%26mau%3D1%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%7Ca%3D%257C1%257C%26iid2%3D163584%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1126%26sap%3D1126%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dtrovas_ch-box-2-163584%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D0%26bvm%3D2%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D8%26br2%3D4%26ezoic%3D1%26nmau%3D3%26mau%3D2%26stl%3D32%2C13%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621923713&dt=1621923713768&dlt=1621923713054&idt=409&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C639%2C962&adys=171%2C171%2C171&adks=840336167%2C3122676339%2C3122676338&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=323x250%7C323x250%7C323x250&msz=323x250%7C323x250%7C323x250&ga_vid=1644844855.1621923713&ga_sid=1621923714&ga_hid=1642158966&ga_fc=false&fws=0%2C0%2C0&ohw=0%2C0%2C0&btvi=0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 71b6f14ad80073a921ddec6777231a18e7ac7f148d0263479d856bea165dd353 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17064 x-xss-protection 0 google-lineitem-id -1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/	0 0	30ms 15ms	Other text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-38/html/	0 0	28ms 6ms	Other text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 272 B	345ms 345ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=955085961454281&correlator=2508905056275368&output=ldjh&impl=fifs&eid=31061260%2C31061270%2C31060976%2C44742768&vrg=2021051901&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=a%3D%257C2%257C%26iid1%3D99985%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-99985%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D60%26br2%3D32%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D146%2C193%2C133%2C4%2C119%2C122%2C142%2C20%2C26%2C135%2C187%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621923713&dt=1621923713789&dlt=1621923713054&idt=409&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1644844855.1621923713&ga_sid=1621923714&ga_hid=1642158966&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 82cfb1bfa07745d041b9c8835b5a4483730e6edbb1dd058a834090f27c612a22 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 242 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	50ms 49ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjEwNCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNDU2In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIyOSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxNjEifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxNjEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNTgzIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNTk4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI1OTgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjEwNCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNDU2In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIyOSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIxNjEifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxNjEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiNTgzIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNTk4In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI1OTgifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=52cf8463f9ca9a01-22e76ab61ec800f5:T=1621923713:S=ALNI_MZRteD5CnuyRGqM28SqPSC2R2dHGg accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 65 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuOCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjEwODIifV19XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuOCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjEwODIifV19XQ== pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; ezouspvv=0; ezouspva=0; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=52cf8463f9ca9a01-22e76ab61ec800f5:T=1621923713:S=ALNI_MZRteD5CnuyRGqM28SqPSC2R2dHGg accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	47ms 25ms	XHR application/json	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021051901&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6f4d9ebf8b545f983e4797083575afc9b5f42ee3146bcde4280418b7507badc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8283 x-xss-protection 0
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	28ms 14ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Tue, 25 May 2021 06:21:54 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 31E7	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Tue, 25 May 2021 06:11:33 GMT expires Wed, 25 May 2022 06:11:33 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 621 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response pagead2.googlesyndication.com/bg/ Frame 31E7	14 KB 6 KB	20ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 18:33:32 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 128902 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5773 x-xss-protection 0 expires Mon, 23 May 2022 18:33:32 GMT
GET H3-29	200	container.html Show response fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8858	6 KB 3 KB	22ms 8ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 25 May 2021 06:21:53 GMT expires Wed, 25 May 2022 06:21:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	37ms 14ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d20865ab544e7dab6a0553034edc5845335cd7c23375745db9a755c532311463 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855618012992" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27995 x-xss-protection 0 expires Tue, 25 May 2021 06:21:54 GMT
GET H3-29	200	container.html Show response fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E2C	6 KB 3 KB	12ms 6ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 25 May 2021 06:21:53 GMT expires Wed, 25 May 2022 06:21:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 26BD	6 KB 3 KB	9ms 7ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 25 May 2021 06:21:53 GMT expires Wed, 25 May 2022 06:21:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	48ms 47ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjEzMjkifV19XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjEzMjkifV19XQ== pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvv=8; ezouspva=1; ezouspvh=8 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	48ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyZThiOGM2MDg0M2U1MmU1YWFhMWUzYTUyMjg3YTJiYiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA4LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDgsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDQxNjk4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyZThiOGM2MDg0M2U1MmU1YWFhMWUzYTUyMjg3YTJiYiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA4LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDgsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDQxNjk4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvv=8; ezouspva=1; ezouspvh=8 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 17 B	160ms 65ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 May 2021 06:21:54 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	48ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTI1In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTI1In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvv=8; ezouspva=1; ezouspvh=8 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:55 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImF1Y3Rpb25fZXBvY2giOjE2MjE5MjM3MTQsImFkX3Bvc2l0aW9uIjoxMTI2LCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjgsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjo4LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1OTksIm11bHRpX2FkX3VuaXQiOjIsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImF1Y3Rpb25fZXBvY2giOjE2MjE5MjM3MTQsImFkX3Bvc2l0aW9uIjoxMTI2LCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjgsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjo4LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1OTksIm11bHRpX2FkX3VuaXQiOjIsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvv=8; ezouspva=1; ezouspvh=8 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	53ms 49ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyZThiOGM2MDg0M2U1MmU1YWFhMWUzYTUyMjg3YTJiYiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA4LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDgsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDQxNjk4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyZThiOGM2MDg0M2U1MmU1YWFhMWUzYTUyMjg3YTJiYiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA4LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDgsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDQxNjk4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=16; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 93 B	138ms 46ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 May 2021 06:21:54 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	50ms 47ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTI1In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTI1In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=16; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:53 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	51ms 50ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImF1Y3Rpb25fZXBvY2giOjE2MjE5MjM3MTQsImFkX3Bvc2l0aW9uIjoxMTI2LCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjgsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjo4LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2MDYsIm11bHRpX2FkX3VuaXQiOjEsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImF1Y3Rpb25fZXBvY2giOjE2MjE5MjM3MTQsImFkX3Bvc2l0aW9uIjoxMTI2LCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjgsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjo4LCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2MDYsIm11bHRpX2FkX3VuaXQiOjEsIm11bHRpX2FkX2NvdW50IjozLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=16; ezouspva=2 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	64ms 63ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjJlOGI4YzYwODQzZTUyZTVhYWExZTNhNTIyODdhMmJiIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjM1ODQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA4LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDgsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTY5ODgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjJlOGI4YzYwODQzZTUyZTVhYWExZTNhNTIyODdhMmJiIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjM1ODQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA4LCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDgsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTY5ODgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 17 B	133ms 46ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 May 2021 06:21:54 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	64ms 63ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMS0wNS0yNSJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjgifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:54 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	63ms 63ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhdWN0aW9uX2Vwb2NoIjoxNjIxOTIzNzE0LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImJpZF9mbG9vcl9pbml0aWFsIjo4LCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6OCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjEwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhdWN0aW9uX2Vwb2NoIjoxNjIxOTIzNzE0LCJhZF9wb3NpdGlvbiI6MTEyNiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImJpZF9mbG9vcl9pbml0aWFsIjo4LCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6OCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjEwLCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MywibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:55 UTC
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 8BA0	624 B 596 B	18ms 16ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNVS4CgZqoIVA-JOFs4hRGF1E13O0arpmZJ8ZWOmbHuns0MbguN1zq5uKFEwWe_XSUv6SvTKQ_2rnZ1pkikM2moAyk6kKX-QozfUy6tVU447i4RSwy1-5d2ioJx6d_nJ7FzaoKo4pbBgijI-FBE1m0Tj1BGYbK8GiqtESaeMI9y7efNw20Mu9inUlNH8i0-LqOMVGuaXzMIEp0Tlz7KAZNl_1Q0rG1i4Ec_rZw5E7sjN3wMrpEc Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNVS4CgZqoIVA-JOFs4hRGF1E13O0arpmZJ8ZWOmbHuns0MbguN1zq5uKFEwWe_XSUv6SvTKQ_2rnZ1pkikM2moAyk6kKX-QozfUy6tVU447i4RSwy1-5d2ioJx6d_nJ7FzaoKo4pbBgijI-FBE1m0Tj1BGYbK8GiqtESaeMI9y7efNw20Mu9inUlNH8i0-LqOMVGuaXzMIEp0Tlz7KAZNl_1Q0rG1i4Ec_rZw5E7sjN3wMrpEc pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 25 May 2021 06:21:54 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnmphocF-WbHShae5B1vma4OXVjUlVIopiYMWcZo4QIMPHhJT9gQB5B9Q4Q; expires=Sun, 19-Jun-2022 06:21:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 25 May 2021 06:21:54 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 6E2C	58 KB 24 KB	42ms 40ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBPAXhkb7UYbD7RA-OYT38Dzzs1x5DcooUE-2SCq4JXDmKRvkZXkslGdmR0KuQfX47MYYLAL9xX8qMyQUIiyO7ToHKPkFDQNlNInH8nTtDTt7EHE7Vp6Ics_u8M1jfjzbOw2dZYw6cV-NxiLBAliG4y9krSg&dbm_d=AKAmf-BvSqEuBXW0thw-wdGIQoQHOFV-1l4ifY6k7a8yz5JHO9CBj0xEeW4kRqlWC3btZwfTFJy7XT4Vmup5b3tqltyVlxuwA8zAGCFrY3Q18TeHB7kWqSMTkSMTSF9ImoHv6o709V2pf99N6D39TBXs__eKK6R9mQhDdJtQI6xBgmKz3g4OhzVH-mVSqWUtVdhRj7sKFVXcEcE067-_SvhXFQ3bYMtztwQCE_3rGNfYX2jurBeRNjZUeK_geRGdEvls8ALWKDZnOZan8oAwiXZmf6LDJFp6DvF6qUCIsu2BbTNs_dL0ykETFb0J9fttSvFdBN2Ny2KBt-PIN-0ItL0zkaa9-PGRs3zTe-LwSLChCOtsKzqZWlPZbQD0l7C04Mi1tR_FC5w_VkI9ECtDNQKi8F87oKZEOU8Ajxs4qyFhi-iN-fOtQHfU0yv22mglYWGd4FhTHI0NTGdlvJ2GZ13mm_6OuG86vuzYsvBA3Lfr2tD-DFi8657DkvJAtxvbQLQIAIG5PZHmCKQS4Rz4V-7sYAINS1nuD5MfXwV72nLUlzU5CWN6kGCXqS2lYL5CXWvX57T32UQpHV-AmESESgityeOC0h8tD5tw6pKXIA4Oj69DEhNXvDEap7gNSU8dYAo3YOhnxp7c7IwHKoXV4CpcWm6cU5lCQaps1BbKnRRUUy5XiWpMqa2cSEpkOuvZEmzMNsla6KNiOsTvQhdcU0_fJm9eqZt08acdr__0cdclsXw2RVzkZrYu8ZJyKjF8zuFbf6vIOMm9KDpqRwVIWAAF6RdQMu2ZyIXQ1E72BV681y2eT27T7Hmzxka8__7pyO1ashdpjBi4HmbOGSVJJcr8sb_-V8Uo3ti06ldXOKe3Y_CXnv3sEfdQbgmX_1aH-R7MoKglnZTu3JCjr7eFg0leDZmHEyly25u3ciggJplUCDb5YhnklxLVWNNi8Z270NfT3xSnNQlMb7VtnHik1V83sX-Ta2f0zS3DjPI76TOfYOLz7fcJMTY9IqpELy2N-9fk5c7rXaPsuzzLCejzcyy9FOziY3NdaEG_0oQQY72zNih6XPIPDmcH3inOd7BhPpu0QwIyLQ7htXLOujtfti8YAeQ6d_aV-C-pklD8ig4bYrCn-Y5JkSVDI6dqTk41ci_pVIAOUjQlOkQ0Ru5pIJueFXS1nFfgyqUGGmaSlwen7lqi2i3JJGlUmN_AfLOxT8JmsKp6ymcT8JzeyzYUNOIQwyD4t1c_KI4xLz4lqb4heiIlRdFreLw8SpAHl7FTsnBx0K2nBhJbckK5dqPxVg1cGzeCAvIvolsIP1Wic2vpTRy7q9BbahQ9UhdbnBHvvKND0yBRKgnLI8OfT7d6OypjaruAxsr7n5VPepIinu5yB_oCv__8-7j0Av2UZk4-7tT6bA_Hx8PZqv36yrMsmqmqF0GIrY_jj-r0zwwUkDeN3Hb0V8AHIDtgRZDQDkQcoLvPnDOnuxfubwX4jiYEta1vtAQONXVGuE5ECSfE_gVbHlmN212d5qbLz_Kd-oboEmMbUsIkb5kcdwWqkGqXZoaL8qg3mS208QTQXmAA9Oni35eRl97VeCzasyIpWE7vYql8_PmQAiXO7w3zoduDK1KPr5TajV1aknQ5TFMgxgAKQXKikga0G4a-7QiWn3eC-MzH6kiIEC01hFPEwinv8K5ePMBg5-sOvgda2-WvefawtzFClila_Hvk7tTFhedv6QwZj704iuqr5hHuUuHuawpqw6cHD8gopnV_ZHVIpVUzCWh4doc2vKTNFn64SD6tI0eNjnVm16Lp8StynE1YZRZnSsW5o-XSypBUVe8nU7hoseTqVjDZUlF4OAEaabwcgE3CbP0wcs1GYaiwy204X5TgESxZd_fscr_DU0aSJ5yClrr89ona0cvOusUcKbjUAjCEILivGc54_B8xkulikJ049BDOU4lBbAbDsMW3WA3scScouKP8cCMJZ3mNknyrhVRcraNZZnsMp1_94g3wQqj0GIsCVkSndCXlcI3fBaPa5UE3jjknUX9Fb7QMk77r2dsqjNPkUIXGCmC9ORKh_GgNoCfgGQGQZwY33T4r6UpVVcc_br3W6cX6MkzTJ0x1EWjJvKucuzzp1AwwHkvwhZAAscPRzDR1_SeB39pSGBi8hqeXC-H5tfybEwgEmcR5sUVCBsvDlm4DiZlB7PqISw0q6v0_lM4erOb947Ap8WG54H0NWg2WVjXab2pkxXzYE-s4jOWaAonyC6Bssm0RKShPDSoHcEa99SpqP3FFBdZOMBLOmWRrc3vk55o8Qzu_fy1jY8TD90N4qdpfsY2OUvHA4tN-7n7F6LYgiHitYuYJdU8Xzm0DSPeT4kLncofyI3ZMB_tZN9ld33PUaaYa-mi5K4_RNP-YyT7_V_QR2g-G2Wy65qkdwvnCZjuQophLS0B8g8Oxks54xk0Cxq5ckUOfo4qR_I6Sp-cfo7RtVvP0eXttn9EnD-L74pUCo-QrQvfr6a3XDJLDW190x3jMx1OO7fGZ5P1BCslYTgs09rcRFT086ErqMM03ig6MRG01aoCBBdJ03SV2cb4Hv46bh3_RGo44FlSDp2R4Sg4HRSyKWARSHDQdZ0hXXxlBp-OPSHnxnbhiFLWMk82P85udecRhMTJtwvG5GN6wh874kYy6gDA3D5bP80TiNsfAc7uoWZR8HoFeljN5Cxkq-DN_vz6EKz-gNIyuJGL1p-FLRq31mgzyKpLIJ9jJrYk5y1F4LkOqicE-QUhChNK0lzXxb_kawYVFmLZOn107oSaZswx5ckftnrLJLir0XNZ2SMCZvgFo3fNY6FLza4DZZHPf_fkDBLu_4VhZn3YaVwRek277UKtWj_MBIohTMluQrTB3awGgkqEYhBtECduaOWhglSOCgb9d8umh-ewlel60RHodPN_K9-oyeEwTxM2H8sC-5Q6VBYMA7J-NJ9igCnPWmXOaQw3icTzO7jnbxKAsV9yf8hFdnn9a0aqAplz_d5Bqv-gXpQlXgVX1a3sET31F7gcVSReUYrroGTvF2BYmf_dVNEiNuxpoeAabm37-keVpbhyvVeuZzUwbK7lt-O8-fJFSlTVdBuqwqfxbIOCX-zK0pwxCPIGDJhE&cid=CAASPeRoa76-JKYv9ZTv4DaJAtv5eZDiCP-eGAm3DBRmZijceC8WSPnn301kCsPJXn0gZW-X5JjsQW9F7oH-aqw&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 90e6d6853439cf4d69f2647a999cb549c915f74700a84d3737a28fac391c2165 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24131 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6E2C	42 B 63 B	17ms 16ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Asamxn8pCWENzzSuaGcYzKNa_IkHiFrelmuYmv3-p7h7V7SaS4v17KZXXsgDaVTH9p4c2Vk8UGozkklhommBoYf62TTCchbHFnx1ziwluPCg_E6ak Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6E2C	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:18:02 GMT content-encoding gzip x-content-type-options nosniff age 232 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:18:02 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6E2C	119 KB 36 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855623965245" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37215 x-xss-protection 0 expires Tue, 25 May 2021 06:21:54 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6E2C	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:11:18 GMT content-encoding gzip x-content-type-options nosniff age 636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:11:18 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 2EC4	624 B 558 B	18ms 17ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCn0_wBGPScjqcBMAE&v=APEucNXlO8WtD5rfY9QPS5oSJGEpCKNU50Z9ddAZmm_6OeWzhvqzRT-zdJwXaOd55zcC25szQzMSjs7lICibMForiYiLntaZRuSj1eVUMou0PosiXKxMaOCxYACp3eBdPysTHNSA3lUjoewEc3QxhcD8SdghlBDpbKBQoDIj96X94-Fw7QmZuJCHWDK6N_kWSiFTE6lwDbw6beiayjRIe-xzMzNiMvq_zwmQBPVfaVaVaxqZpNaFVbE Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CJXmOhCn0_wBGPScjqcBMAE&v=APEucNXlO8WtD5rfY9QPS5oSJGEpCKNU50Z9ddAZmm_6OeWzhvqzRT-zdJwXaOd55zcC25szQzMSjs7lICibMForiYiLntaZRuSj1eVUMou0PosiXKxMaOCxYACp3eBdPysTHNSA3lUjoewEc3QxhcD8SdghlBDpbKBQoDIj96X94-Fw7QmZuJCHWDK6N_kWSiFTE6lwDbw6beiayjRIe-xzMzNiMvq_zwmQBPVfaVaVaxqZpNaFVbE pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 25 May 2021 06:21:54 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlkhGB7n2GTz2B81OipAjEhfUb9tOd-JjSom-eAFTiYmLf2DslSIZp76rT0; expires=Sun, 19-Jun-2022 06:21:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 25 May 2021 06:21:54 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 8858	11 KB 8 KB	44ms 44ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhlMfPY3DQRlVSnNJ8XuKrbucrvcryzuBrtklnXsiIJZz7fjhQsoc3VRaVoiYqURG8mdMj6RfWV9y5LhbF3zL26L-6hYUAoTvOHDSjJ-eRSSr89zLmrF6Z1T5dmXZ2tvZjXAFj-tKmbQzJg4Yrzor3MaGZtA&dbm_d=AKAmf-Bhi8vvpsAnpk4duRROCn4wyPqFsgl3CZGYbsdMqr6AwiDhgvGZfXBhJHgKA88I65caJ8br_KLIZkUALmTbVlISQe5dFCleQu2PKGBoMYINP9rupNhjWBf3DUZETtTrEGwv0NWSM3riNA9O02zLexNQFTcvxin5Js3Q7iEwcNmeKjCQCxX00GOCfwQmM38QdWh6ZbE1xZrQK_t50xQPnhvUuCac87wZOg7MimaFgy5KXw6M4bGvSxsZ2xgo2SIfzjXNKYeb_VaIBrz3hPCpjVWGrQG4KGB2Co5_K-qoroW3Ck-5Z0zp9ONDJ-8_XeePoTsnXabSilE5MTcPNWWDZbY0ENAO7f8NomJm0h8wADfq_pccE1kycT9FM7yoePrHsUKEeBQSqwuEclwkyLOabJgv53wcbI7iu2QL893pWwcH4ubrrQ5AaJuKBc7RFneewHJGUN31VblOJpFbVzEt35UkAO5Cj15KX5dHPEBJNLYuletYjdUsF3kWnhR5bnGlHgp78jbSoxL75VU9aSfeNPGKWMdOM4c5PPHQm7MfESEvS5j5d1sgE2PG5WYTbbrqh2icqZBygT5n5FzrsuBWkGyfBItWwDh83BIn4N0NFEu-9DqK4o0RqgfLHRmZJ0XuuZ8cyGN_qkFU3rm6fJ6PQFutxFStffX_rAQcMR-i2EuM--z7G7MT9_TUg27wQTf59ou8ejrQFNHhwEqj1On9hRjhSH2zTJFbcHlyWKyX3FiliUhURnqftQLLZaukq67Is3GnI7RiJNOzpfWMzr2k1bQh_GP7FGks7CZ3LvxYoHM9RvhEY2NGqxzLvTcIut8kPc1HWdkYgrN07ijDtei63Jw4iGZCyAfKOcEYl6ZhIdgYzjbuGUnw7pOLMt3N9T9wxJS9hDWDfaLPoedG6TeYDQ49FjRE1RMQ0n4h6Ict3ObTYEUbPmB0t9SObwbcBwkehu_7_kTUn4maeDycx3o7vhIk_DocygHrFu8irEkLJnzNXdg0ne5f9G4oSCGHOYxsdmzYkxV2aT6mAcMTKLwdJSuR2qCnMNnn2AQ1eiCt7I_ZNI7Dt9fsVfrOgLu4eW-ricYGAMseJgX8OqwC8_Zn1o2vOhdt-IP_MABMhK0KRlRDdPVIWXjKXkkvtM2nZA1wlhQiAVizL83rHAlWROYKRXhkT0mgO9SU5UNmXdJajoAJA5gYO977ucn31Lvig6xI2faGk3aVZuxMmq18eyLCl2TQDpnD1jG1aeKvAhzLaeq_soGvyNXnWINct7jaSKLLg5vTVMwypNRIaPZh5LqDC48vq64YBhEYvYqdELZCoTmBryY_5XYudPHDSSD9dcmVD6Nc0TOuExewhN5FzqWyQZyUeWLu918HYsn69cy6VjMqHj_2V7Ym1jh-8FmTeflzKGqnW7PlXdBMi4wQTS9mluYQxPRSIA6jznHgSVST_8n1YXefrt4G2r5gcc6RioHEBNnV8Dip5ZfX0rTFnIkjnUva1UZVeDN3XnLUzM4PKd-5QG5u1ZtyuY5vQqCZE3AyROLXklIM8u6Gxo49RHK1YVBtwpusGTtPeuf6iCBlpU1nD_v9NTG5p8T6RK18ZuygZ56D54W77nbHW7to-bpIGwqyCbjU7uG-1k9k8h8d5RYLt70WMOOjyFwYC4E6uyt0QalBY8DSoOu5DNTxCVeTBmGHul8ZRQQ-wikTBXjNtKqjFqvuCKUpR1-AdrC84ZyeCZiijkHWH9AaCmlHlIw_55LtFty2BxoKBg2ZcV6rzPUZDs_JwEmgyOb4tZQI7VxiSWRyVYaaHdTTSsRN2-4mRf1mZAzpMUooKaXNKe3Xvhj8WWf9V8zsp8zMtkjTW-s26vb8YqvQQ6FhH9CGXj0XG8w8xnKXWU0BF3jUGmHYczZVnJZQzQehEkDW-Zr73-0sM7lfCLrotEVXqRcPjtBLefJUPF2CWJ4H454-RYyH2URsisk7bjuPD4dckGUsjyRSGQRoQEPbt9t8gn9-VyNlWgop387sGWk1escu1Tp9-if09sD1-6MvIijKfOHfcS4szAEGrRksLRlCLbsOgOdn46ec8d13H2JONvEV3XW6nh7zl_iDtltl5_4Ye7t1qIf6zi6o4YTOtES1oufmQ2TNamZZ8lUimYVMs3CnJS1U0ZqhQ6-qx7qzyrpcxoopR0LtO2QZurSBFQnBam3Wm5AHfngY6zPlFXNMZZfSqrB_xmLYxYmHgkbkIHktE0Xu15fe1b-NL2WoGMXFaUTdTkInRMEZoSwVF0yM0yWXUFBBYBGHA7eTqAXtJGAqAV5YxNRBjr6vR5J4rPKRxR5lj9kUSGpyzD7dubQ5ktHh6jwvd_sPQX6JyAnkjoNdqjBNqaAWkzISTzEkF-hPmJiJM_ggAu33rUnVuxCnwFsfHqWsgAJgrb1m6b8Gk1PMatKGlYKnNeTI74uDDQkBnHs-lNCjmRdsgdJhGZtQNuqVUDo-NKRUrDNDlXnJ32Z-YddiepMAxHqiiIDOAugQLxN7Y1_8AFEwqr8IuseaPb1E5cP6x6wfvJVhfqFMkUywbQEGm8I1bvt7nK_dC4V5J-BFCXXuRVKkec2OCsgNOOQT7J5QnvjtMRyzkqGSrq0YNStuW3Hzebjlefuw4hhQBRgLdM4cKR84k1Zvr23I_aVO7zOlUWibsy3PIT0zufsM9XuzuhH6o-pte1YSYZX1Jx4iz7PluV9svmlBvA&cid=CAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6M&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a13cc9c970d704d0d61e60c85e72d25fb7ff48c4a89a2d6cdfaae1549861f9fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8006 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8858	42 B 63 B	20ms 20ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3XX5TE4QqKcy1nsKLuYPGz-ZhDYCVDhWShrZ0YkQ9CwCD77thiqdNBPw98qkqRwMyN3qK_DHRWKBWJ8fyX3c0C8rQnbT_gYimrALv3k_QvmY8VGg Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adj Show response bid.g.doubleclick.net/xbbe/creative/ Frame 8858	38 KB 15 KB	314ms 69ms	Script text/javascript	74.125.133.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWDJZhe6dM9mTVBKiV07oOcXjmL2anLnIVrnL7kpn5xcVcbup4&d=CnkAoCZ_4H2dkuv7mXl5y_oy52bxfmD8F2km1XqHvf1-B4_zsqVA4TqKAq8Kib4BhVqay4PyPyaE5tw7rH_smbzvcw-ayGsUi5VN8ZB4PHbN20wjEak2RgnM1sdWn0G0WILsTEoTMblbmFb1jn9LWa5djkrwCzmyZpiNEpkSAKAmf-AAzzS6t8Vgss-wKUMXFbHbib7sYayVoJy8tlKfs5LhwmRvu4mLALnC_ZSZXB3SjxC28eqqw4YJW9IQ-LerNp3an9IuDkzpd4vvR4zyBp2MyovwYv4wRsg3fkQbC46aIfxtysZcYQX5U0_b3rY3F0Z_nTM0GF3vzb_iLNBUC7yZGcg3OiPRdSlMw9MT2WimFdwtTElY1peMzfCniM7jOjsHfl_gMdLoxsr1LBwrWoQu3Y5p86No2I4fQ9Q4v3v5oAAEKS0PXYcX-FiLEPgMtjVfB6hIUjWwt0smExB0WcPq0g1cl_nb1--Z0uB9LkO6_vBUe6aQTk-X71zTc060TL5PsPvEn2mhzyL-I8mnWa7TNmYiwG-vdcyJeH1xX7JyGStyEfhr_0SKPXQpSKE7Mm4Z-uu4kaftkEE7xZHhqAfzpcumhOdeKFCRN1iSmaDVU-K3jlA-uW2XGbsx3et03KiGBrcrwja0h0xLEb9GtpH3hbnMFGnxH7Vk93ZTre10pJAGNAOi2SyFeiGRIf43g_KKYAv1faaqRelYHz0A2SIBHabJPqEdPN6DIcrVYozBpnI4Wd_bhVw1Ko45aLd_ME2HWk7f7qoiMpStxPXq0eb6p5kZCfwemHPXz-8L3OMSjbUapE25ZB9R1ZUaezsRW6SE81MCrdamabnlpO85-s-fUsrLDBjNlM1mH1wDQMo8uFHGI2s6UYKbxZC9Z24LIB5674Pvg3hEU5si851kHLIOCs1H6oGSsEdaqgCmdQ728gBJRwpYegy4vPM5fywfAUNr4TuFB5LMav6eBxwpPRm-NLkpFAO5g9F3Mvihmw3q1lBScrJ9Z4EWZy3Gt6eZmdZ-oyV2gxJsyPGWrBku5cIsf3NwM-gZFxBfDzSBTi7thWrtW5pTKugH14x0TxZYpzqRLAYF-MC5zTabYg1-H7koxgLogd_mXTl1iSabx6Obl5oxXGBH9qBA9y62WCj9zaCyuQeyoRYkS6DqhfDNWLEYBbLXwx7TD9XXXN1CR3lF5GzW_qSBhnsh1N8fxRLNlzTVbHq_bWI2SyheowCR4O5YbvP3RzaGFflwXoTbkmQeczL4zmgect4xqEI7LocRX7ZZSHMKoHlJfc6UMyLiYleP9AeNrnO9FwrLthwsgz5AORiDOlV_iwachus_8E6jZRGK73vzA8YpNWc7P3-NqpLjxB2raALru0WxrGENBtRMW7r-wQCoryddDqx7lGvl7DZ3PsVdIhy44F6-Uwz_maRXLdNERLrLfCpRtb50rTuFWmP_1c0im0hO56LOECpsbp8HW8yTcGye5GlLARFo0-MbULiPm-Q5IO8tka0O3JC5bjKQJxB6x7JF2nWcWdYtLa-fKmxfhmJmMH6t04dYheFp40UXYtjUdp3fdf4ttdanqnv3l_2JZZmQuT0D9SWq-SrLsIrd8SoleUs6GKJQUkCSyhwVi_jx9o74Yy6UDCeLPMvwO5fioRPN-xFDJ1tBHE5NoEQNCZdUcvGlccH2Clzd-6mC5--K9Tz-UGxjApT0zyWe3-ZZnUJRYHWoy6hPB-cmaERtH3g91e91zAv2aYA3rUBpjMWKGCh7R_itporGg1jUmbeAkievYNyTqU9opYK5o3BpC7jqwFLE-2la4cwncIu-V9vs5Pkgzds7vMVof8nCvaWI01_tEFuus-X7vThTiovYzI43zay-zMzXZTb4Rf_C1ART_Uv3hzCR8BZG69wZj5LYtl5BrASLdRHxA77uGtGuKC_IyEXWakcKsFwd6eV1eLlFmXFZKaKS7-z_zz5y0PXrQQ_JcdS5PhiWyMGT3qhaiufPTAW0JnysSL4iB-vKJICduVdH7kBLQ8kTwTum95SVXAcBpubv6YblbwTrsw6DC70AsDrl4b5OzaMD1wft1dgx0nGfEqvQ7V1x4DYNIy9jpq15HevQ1xTwBQD0gcWdrjlc0Yc_kx6UIiY0NzwVNQ23pBTiL2fTcZ18nKfnpViFCvrOerZcdYMTvScoX6RM9Oze09TwI7Nk04mqB5iDDrlJCakdZRpJpgkfIG7Jc4TD7FwxeRCTEdpCM4Va0HM4iiOuXION8W6UTFt88edc5e7tG_9HTDU6ltuc5AdO0l2Kg1pXj9QLA-toHJZq6qc8H6JKGjAdmwOt-2GIynd12SPGHpy74N4YxG9lGvLM8uYLEXTltYIcSD6bgteUbDWzuSCwCVZVw5L3mVYTtdyUT1Kfu-QQdqPT64sO7hc_XYtZgmvwgk_5338QOZXDAEdJX7eQo4HI18QXH9EEX0mnsWsKEfHVMwxWa02uJkF-WCG2mzbOxOSJzMrqCbaSfz5dpcKmWS8UBHPUYd_kJe38MzHb_OysLME-S-TvQEr_i9cAXKBn8wycVyZ4N2_l8mgNntyfEUedW-ea9Om9CPiP3YAFn4-sn9ErEen0ow5B4afOJeIu76le-HV7tlFjSNr-wgYuZgELoEll-WutC9cX0iKz99F1fXon7g2cnkyV3Jw7izxSsGOFkjUD3eiE1jmdZMiwJc5O-ls_cV93GDgE_LbgAX0q7D6VnLFbmAVgD88DTA3PNBTBqHMjqXhbKvoFi6rCMUXBCEdl_hE3jOEWpIxrKr0FSs_uvthK1kuJNt9ThxPEJh-isk-0Nn75euHzBKE_qFbBp1V35YXRODp3gtn8tL8inwKQqv_dwimN6TZ62_V2_SVuBzbn6yLeM-pxXLKedLBxilp6Zeiy93f3jCd-q4Jh2DDX3SfMy4QeIXopoqgt1TyAM24IqqXmKmLpn5ax8cq1-BLcpMoijsykLQuLa--RbSGWvrC0oQgS8mkdBtXOFkbbwBvfmEdZ3S0KEVZA9GAOFa0EhohgMsJP8Jl_fmF4Og2T8IHdDVmqBMvqcMo838y28Y3XnP1QhzURjaSYFhkT3O8eoOYDq2gXcj6vgGmTyrLxJq0GLx2kN2_F-Hp55Y5t67TZwi4HRf4XhZE4C8VnDX0DWg13eIn1_Ftcaa7q8AzAEfD0kyBOP1WZNZVBSLFPdCYR-mGcUtg3_lbACYlZKN0LiugO8ElzXio6f7ReygRlMxudjdLP-igG0CrglDoRBmxuah0YaLmUCxpBCAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6NgAQ Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.133.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS wo-in-f155.1e100.net Software cafe / Resource Hash 7be956814b969dc63a8f3d4a17a2e8f90aadb53e6d8adba6a866f9de26b7bf3f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14509 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	skeleton.js Show response pixel.adsafeprotected.com/rjss/st/720504/54772583/ Frame 8858	45 KB 13 KB	345ms 96ms	Script application/javascript	54.76.10.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/rjss/st/720504/54772583/skeleton.js?ias_advId=tn270nDf&ias_campId=v1__amncamid__%ebuy!__49059328&ias_pubId=pub-6396844742497208&ias_chanId=v1__eHzN2tHl__1__${APPNEXUS_AUCTION_ID}__${TRUSTX_AUCTION_ID}__${IX_AID}__${OX_AID}__${PUBMTC_AID}__${RUBI_AID}&ias_placementId=v1__%epid!__549644393847793680__19415562&adsafe_par&ias_impId=ABAjH0gT9f6w6-IYpvn36tA3fYwa Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.10.101 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-10-101.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 78193663a80b3aac1f7452b9af998b8dd14902040e82e5529753a74abd0708a1 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-server-name app30.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 8858	2 KB 1 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:18:02 GMT content-encoding gzip x-content-type-options nosniff age 232 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:18:02 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8858	119 KB 36 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855623965245" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37215 x-xss-protection 0 expires Tue, 25 May 2021 06:21:54 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 8858	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:11:18 GMT content-encoding gzip x-content-type-options nosniff age 636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:11:18 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 8858	0 0	14ms 13ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfJ0zn5Fagujc_xc8Xs_565jU5ufPqlgPCqQJ2uraNRwrbj8ktAKu8dlCXAGo0yD8OB5Oh Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame BE24	624 B 297 B	17ms 17ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNUe2m6KtEWzITq-eO8RmD3cTqsnisrm9oI8vkisM7Nk-H2N5S6O-8_WqIw0qsiczIcnqhBsRtoqaM2Osch4p8jtplYaR37wiLOtEJyse5W5e4RlU7NDPfrDyTt1QJXYCBIwGg5zNtDKcECupacW8AOw-WuiyLjTcl4KTLf4z0qOD-DfFz8GYfg1iZs-jImcsJdqxHVJBxZhSKJTaiTBR_wlVriE-n2krcYT_O_I2L2Q2ovrqzo Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNUe2m6KtEWzITq-eO8RmD3cTqsnisrm9oI8vkisM7Nk-H2N5S6O-8_WqIw0qsiczIcnqhBsRtoqaM2Osch4p8jtplYaR37wiLOtEJyse5W5e4RlU7NDPfrDyTt1QJXYCBIwGg5zNtDKcECupacW8AOw-WuiyLjTcl4KTLf4z0qOD-DfFz8GYfg1iZs-jImcsJdqxHVJBxZhSKJTaiTBR_wlVriE-n2krcYT_O_I2L2Q2ovrqzo pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUn4_jXloPfGMQ2ULut2kuY3D2DON2-v4Wg1n0YEjd99314wG9I4bYqO6r7LIsE Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 25 May 2021 06:21:54 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 26BD	57 KB 23 KB	50ms 48ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DktYa8JjTdqjCdODDrhfPpZf-9UoYsyRWhvLquEtEdULiUeVRgeh95TktdTaeLUYHwP3zc02A5yEYb1sXXdyrpggoRJea3meCOaPyOQ4Vu1scY9HAitdcLZ3Wjmk8PeGHxlJulOtX8i9zSluK1MuDJQH_jPg&dbm_d=AKAmf-CxreONFkJ2aRPDeVvVzBl-TEsExMws8OBLfCCCRNdQCWFkVX0ezkI8QhdpUxZj2Gc_rEenQreYRLhArMqEMBNP9cEqL2SWfhSETsMNZoKZP_IaT8M_h6YABqcN6_VUgq4QH3jCxVd1vX7yU88kRum0jyUAs4q04uub8vM8sNcwtFQCgq-6vlll6sQb-6C8oaIRxmmxQlmnNIjPF__gjpKeTgrnd3k-ZnU_A4fJArMEUCcS5poeBXd6hca4EVQI-2584NnlKJB4CqvirrvQoyHb3v9kzTxJpVy3IBjAtaR2lLurzbsNuPEgq5p_GPcGcw2gdqXT0Op7HLqwNYpqI7ls4PjVcF-AgAKIK7wCs3r793J1yffTNPhI574ymmaOdTepUpHdSSJJ4Ng0xrLG_pObAmfyFjgpS0MEbfEMaWUAmXXxt8dbDLMZNfvwN-dULlNEZvOtvsGGDWT8RSrWzsftwYRSbMlrbNx-AnPKZtKWkV-cGPW9DGmz2LL1StFLdCLNXxP7N5eyiiXPrxwlR_aORTLo2GIm1r7LmkiilFU6ru5WyYzgOoJI0EI4vE_33-RdMIbPklK4Y5UKlYWVpq6VgyudlhnwIRVAmvzatk7TAkxlhWwCX78wc-ocAwmkKdG7WHf0NOemYivm1X8jXOAKMkseOY5RkgawM6M1r34d3_RGlBnRav3iS-uf4kHiInEy0MxOb_arBd1rw5ZeivM9PSyJBJqBvrP7OEqD7znPDCfynQhsbOYHd_aa_2V7DZFwYb2yY95-UFh2vxGRJsNpq_h5cSgJiUtMuDKnhRZRAFgsV0sxMGdL_Y5tiZO1I_HwHiNolrVgCqikzibIx7KM5_ssaj2N9NSh7-ZB-KA0qVvo3dxNMs9WWrDXreRHeyBFa5dfDs8Oq4WgjgfJ21HmKR9DNdY7EotJx1aSYzwPWYX3uCJIULWkTLYDkyqVpD1DeyqsaNx0ozytCKh5urvG1IrD8lI_CKv6sUAFQJvVVPMJul4mjS29sHW_XMfnU5KuPtcN-8oU4XZ0VKBDv9RyZj3glDk5tNFbhRqupf8YIJAhbClkjpS6sUKSXAkyYW5aoIco8LbGLmbhBVf0XXIQxYYCwjJf8Zq6zndDCoQe9ewmmLJzh9zjqSIRnCJAn44gLmYeyRzdF5AYCEo3pI8KrdgNgyQknUqgGN6MFijvomHQDnglCOjS870G1ufZRA8W175l68TsJh3XXVbpuG30s_dANwIixD4Pa3O9bOhIfFcQITdSPfQ2gqn4epHRxA0akblBYJ4K-CzClhCmGi0zUu1ozJnbLoE34P2WFxHAhAe1pLDz7c6V2J8oeICoYHHWZ7VMkUmN7Wa7ri_GK4H_oCrk_CUL2nFVMo-Vgm9T5frEwzFpaTdTTgnU7THcjFhY9y_9vLO1qiPsqTYgyDxVXyFLBZ4txC7ztDU7ArQmXl1A1ixVjeK_Wmb_tYsaUWQ1U0rGf4BQ_CSy3ehy0ul4w2k6sqy96BDFvv7_vNakN-L54dsI2XIm_lDqm2PLsp8SMRdqds-Gs7jYyjEEns2Q9TX3tppGSxmXUBrKa265IeUR2A8doWXYhux7GA32MNBLTNZlTohTCbe0uJg2bH8fPa7wjUUHE5BeOzmBkJMSsKmfkMgdMrAGu5L-uqVXmX4KeqWP9j2GZZPXjlOpRLj-NC-kmszGHfRODSHHifYyXvly_v1E2iQDpJT5VPsCOsoQysTBBKu2OedlZ8hPEVwsSb7dKghA4oly8QnZJZC5EYZki0cSHAKHGwswzk1lNLBgL8HOBhTgJ4TAy_rad-TKflpv74R8WJW98YITKfLweN6qoZrAHMNSqpmCvYqwMDL24Otd1s3hCXvNluFzRDuU6UjXaBt4zjbXmcRo8LBPRh0wB81KR69jTXaeESD0ODEFaRZoy80dzY8r8nwfEf-8zeMuYzGvajTv7dHiY_gmPj1OhQqeaZNXuOSYsxpeUdNDqpcuTwbBtm455f1zR6cfDTSolU6Uexn1puY6qdJepHCcQI_w2RNRKK2Ijprmt-zXFyTCBb72FOE3ama9QfGztRBvZ_H2Ue1cAkVaaOPvMKHPyYkpaKpotilmsKXLvXQhfopK-CQ3XUHyx0jXm0riP80Y6xVLOfIOANxcLS3yHEGUKpF-Kd5x1TW25tSWdv1e3zMVqy-iGy_7aLj_-HynbqW3er-hjY2SdljNazgLSdV45vsO1PpXkx_7K7TG-aMounqR-BdqTrZNOquF9QtKRy7gg9r_SOnTDlZrLk0zoFK3gEzkQHujD-wtVbOmA5kSGdYwdLlYKNsnk6fwDHzgD7rkYN38Sl_FbVJ1T0pzIs_9s4q_camixM2tNvuTY6B30WKM3mUP8iUhV-iPz5osEJocRKQe6P3DYwXIx-bDxZld7nv3HJi30TQV1KQKoMsEscqqZq_lj2I6EnT6w5ou8dfIzPSdoJ5ua1b-d7dc0N0UMcPEf8c6IlYkLu11-dJ729rzNvxjd_0uxkDxDN4xppYRO2Cy-GWW_Sl4AdQEto9VFtCL2qgRzWoODo-SSt_Mhl6-eg-I4eFfmHPvcReYXoRHubjJFzyHa_QdqM_U1q2PClW5KomNxDznFaLKrOFuKQUma60b9GYxdwGg6K3u5ZIed4LIcpwVcjRDtPR8YuTLaJVWe_-EK-Fbm3Yc9zamIHYd4hAq5OjECfBlUqNsmtTK-sxzbVflqYHV_NKI2BKTfjJs7UwrgKOu0jI9_tWEW0EekzXGDx5BJICPn_4hLqKf7Nz2LiBTDYV__4BgsYqLBd8tb_8Z6Fs2kQou6ytecqTjepsGXKThbAoTB_T3OXt6WJisbBaJaFLy0HtgcnWuQdyl_30COZAHacU6xVBRh6-iaQF18Wg7bj3oF_gGqp89GWl3Sc80uHbSFOVnI17PD1nLdmWr9JWTLcM_R60yze6SL-8fTS51aKnMxgzL85kBh9twPSdmadxLCWJdHiDNQ6ZdTVqcFGVB_3wTIbdWoQqNGpMb5sixtLU7LT0R9GnsDWn_uYE_VWvsv6NhirXungXZ3HTQb_M4KP2nUFKcB9d1gS1NiYjKRSxQqT9xFkc3YA&cid=CAASPeRonUA-FWPHZwzeG5s1QYBMBtA1G37-tQbVqvrb7SBF73utwCjYO6jT2ZZ8C67IV4DKEzE-jRCk6xeD20I&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4dcb6d23352d84e0d05ab6ff7988d6c6384f552457530b317e76c3ec2b2d9ca5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23827 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 26BD	42 B 63 B	16ms 14ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtZ37lOO_1ztcd_Gb8_c0CROGcNkBoI4xboxGO-kAHz4tdu3WK3uuvOxIX8_KEL1sxBBTato6LmRUBKbF8gN8IZXLPj4e8m8r7VCbwzzoQpHaULP8 Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 26BD	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:18:02 GMT content-encoding gzip x-content-type-options nosniff age 232 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:18:02 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 26BD	119 KB 36 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855623965245" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37215 x-xss-protection 0 expires Tue, 25 May 2021 06:21:54 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 26BD	13 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:11:18 GMT content-encoding gzip x-content-type-options nosniff age 636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:11:18 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 6E2C	111 KB 39 KB	151ms 7ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 14:58:51 GMT content-encoding gzip x-content-type-options nosniff age 55383 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 14:58:51 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 6E2C	8 KB 3 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBPAXhkb7UYbD7RA-OYT38Dzzs1x5DcooUE-2SCq4JXDmKRvkZXkslGdmR0KuQfX47MYYLAL9xX8qMyQUIiyO7ToHKPkFDQNlNInH8nTtDTt7EHE7Vp6Ics_u8M1jfjzbOw2dZYw6cV-NxiLBAliG4y9krSg&dbm_d=AKAmf-BvSqEuBXW0thw-wdGIQoQHOFV-1l4ifY6k7a8yz5JHO9CBj0xEeW4kRqlWC3btZwfTFJy7XT4Vmup5b3tqltyVlxuwA8zAGCFrY3Q18TeHB7kWqSMTkSMTSF9ImoHv6o709V2pf99N6D39TBXs__eKK6R9mQhDdJtQI6xBgmKz3g4OhzVH-mVSqWUtVdhRj7sKFVXcEcE067-_SvhXFQ3bYMtztwQCE_3rGNfYX2jurBeRNjZUeK_geRGdEvls8ALWKDZnOZan8oAwiXZmf6LDJFp6DvF6qUCIsu2BbTNs_dL0ykETFb0J9fttSvFdBN2Ny2KBt-PIN-0ItL0zkaa9-PGRs3zTe-LwSLChCOtsKzqZWlPZbQD0l7C04Mi1tR_FC5w_VkI9ECtDNQKi8F87oKZEOU8Ajxs4qyFhi-iN-fOtQHfU0yv22mglYWGd4FhTHI0NTGdlvJ2GZ13mm_6OuG86vuzYsvBA3Lfr2tD-DFi8657DkvJAtxvbQLQIAIG5PZHmCKQS4Rz4V-7sYAINS1nuD5MfXwV72nLUlzU5CWN6kGCXqS2lYL5CXWvX57T32UQpHV-AmESESgityeOC0h8tD5tw6pKXIA4Oj69DEhNXvDEap7gNSU8dYAo3YOhnxp7c7IwHKoXV4CpcWm6cU5lCQaps1BbKnRRUUy5XiWpMqa2cSEpkOuvZEmzMNsla6KNiOsTvQhdcU0_fJm9eqZt08acdr__0cdclsXw2RVzkZrYu8ZJyKjF8zuFbf6vIOMm9KDpqRwVIWAAF6RdQMu2ZyIXQ1E72BV681y2eT27T7Hmzxka8__7pyO1ashdpjBi4HmbOGSVJJcr8sb_-V8Uo3ti06ldXOKe3Y_CXnv3sEfdQbgmX_1aH-R7MoKglnZTu3JCjr7eFg0leDZmHEyly25u3ciggJplUCDb5YhnklxLVWNNi8Z270NfT3xSnNQlMb7VtnHik1V83sX-Ta2f0zS3DjPI76TOfYOLz7fcJMTY9IqpELy2N-9fk5c7rXaPsuzzLCejzcyy9FOziY3NdaEG_0oQQY72zNih6XPIPDmcH3inOd7BhPpu0QwIyLQ7htXLOujtfti8YAeQ6d_aV-C-pklD8ig4bYrCn-Y5JkSVDI6dqTk41ci_pVIAOUjQlOkQ0Ru5pIJueFXS1nFfgyqUGGmaSlwen7lqi2i3JJGlUmN_AfLOxT8JmsKp6ymcT8JzeyzYUNOIQwyD4t1c_KI4xLz4lqb4heiIlRdFreLw8SpAHl7FTsnBx0K2nBhJbckK5dqPxVg1cGzeCAvIvolsIP1Wic2vpTRy7q9BbahQ9UhdbnBHvvKND0yBRKgnLI8OfT7d6OypjaruAxsr7n5VPepIinu5yB_oCv__8-7j0Av2UZk4-7tT6bA_Hx8PZqv36yrMsmqmqF0GIrY_jj-r0zwwUkDeN3Hb0V8AHIDtgRZDQDkQcoLvPnDOnuxfubwX4jiYEta1vtAQONXVGuE5ECSfE_gVbHlmN212d5qbLz_Kd-oboEmMbUsIkb5kcdwWqkGqXZoaL8qg3mS208QTQXmAA9Oni35eRl97VeCzasyIpWE7vYql8_PmQAiXO7w3zoduDK1KPr5TajV1aknQ5TFMgxgAKQXKikga0G4a-7QiWn3eC-MzH6kiIEC01hFPEwinv8K5ePMBg5-sOvgda2-WvefawtzFClila_Hvk7tTFhedv6QwZj704iuqr5hHuUuHuawpqw6cHD8gopnV_ZHVIpVUzCWh4doc2vKTNFn64SD6tI0eNjnVm16Lp8StynE1YZRZnSsW5o-XSypBUVe8nU7hoseTqVjDZUlF4OAEaabwcgE3CbP0wcs1GYaiwy204X5TgESxZd_fscr_DU0aSJ5yClrr89ona0cvOusUcKbjUAjCEILivGc54_B8xkulikJ049BDOU4lBbAbDsMW3WA3scScouKP8cCMJZ3mNknyrhVRcraNZZnsMp1_94g3wQqj0GIsCVkSndCXlcI3fBaPa5UE3jjknUX9Fb7QMk77r2dsqjNPkUIXGCmC9ORKh_GgNoCfgGQGQZwY33T4r6UpVVcc_br3W6cX6MkzTJ0x1EWjJvKucuzzp1AwwHkvwhZAAscPRzDR1_SeB39pSGBi8hqeXC-H5tfybEwgEmcR5sUVCBsvDlm4DiZlB7PqISw0q6v0_lM4erOb947Ap8WG54H0NWg2WVjXab2pkxXzYE-s4jOWaAonyC6Bssm0RKShPDSoHcEa99SpqP3FFBdZOMBLOmWRrc3vk55o8Qzu_fy1jY8TD90N4qdpfsY2OUvHA4tN-7n7F6LYgiHitYuYJdU8Xzm0DSPeT4kLncofyI3ZMB_tZN9ld33PUaaYa-mi5K4_RNP-YyT7_V_QR2g-G2Wy65qkdwvnCZjuQophLS0B8g8Oxks54xk0Cxq5ckUOfo4qR_I6Sp-cfo7RtVvP0eXttn9EnD-L74pUCo-QrQvfr6a3XDJLDW190x3jMx1OO7fGZ5P1BCslYTgs09rcRFT086ErqMM03ig6MRG01aoCBBdJ03SV2cb4Hv46bh3_RGo44FlSDp2R4Sg4HRSyKWARSHDQdZ0hXXxlBp-OPSHnxnbhiFLWMk82P85udecRhMTJtwvG5GN6wh874kYy6gDA3D5bP80TiNsfAc7uoWZR8HoFeljN5Cxkq-DN_vz6EKz-gNIyuJGL1p-FLRq31mgzyKpLIJ9jJrYk5y1F4LkOqicE-QUhChNK0lzXxb_kawYVFmLZOn107oSaZswx5ckftnrLJLir0XNZ2SMCZvgFo3fNY6FLza4DZZHPf_fkDBLu_4VhZn3YaVwRek277UKtWj_MBIohTMluQrTB3awGgkqEYhBtECduaOWhglSOCgb9d8umh-ewlel60RHodPN_K9-oyeEwTxM2H8sC-5Q6VBYMA7J-NJ9igCnPWmXOaQw3icTzO7jnbxKAsV9yf8hFdnn9a0aqAplz_d5Bqv-gXpQlXgVX1a3sET31F7gcVSReUYrroGTvF2BYmf_dVNEiNuxpoeAabm37-keVpbhyvVeuZzUwbK7lt-O8-fJFSlTVdBuqwqfxbIOCX-zK0pwxCPIGDJhE&cid=CAASPeRoa76-JKYv9ZTv4DaJAtv5eZDiCP-eGAm3DBRmZijceC8WSPnn301kCsPJXn0gZW-X5JjsQW9F7oH-aqw&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:20:00 GMT content-encoding gzip x-content-type-options nosniff age 114 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:20:00 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 6E2C	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBPAXhkb7UYbD7RA-OYT38Dzzs1x5DcooUE-2SCq4JXDmKRvkZXkslGdmR0KuQfX47MYYLAL9xX8qMyQUIiyO7ToHKPkFDQNlNInH8nTtDTt7EHE7Vp6Ics_u8M1jfjzbOw2dZYw6cV-NxiLBAliG4y9krSg&dbm_d=AKAmf-BvSqEuBXW0thw-wdGIQoQHOFV-1l4ifY6k7a8yz5JHO9CBj0xEeW4kRqlWC3btZwfTFJy7XT4Vmup5b3tqltyVlxuwA8zAGCFrY3Q18TeHB7kWqSMTkSMTSF9ImoHv6o709V2pf99N6D39TBXs__eKK6R9mQhDdJtQI6xBgmKz3g4OhzVH-mVSqWUtVdhRj7sKFVXcEcE067-_SvhXFQ3bYMtztwQCE_3rGNfYX2jurBeRNjZUeK_geRGdEvls8ALWKDZnOZan8oAwiXZmf6LDJFp6DvF6qUCIsu2BbTNs_dL0ykETFb0J9fttSvFdBN2Ny2KBt-PIN-0ItL0zkaa9-PGRs3zTe-LwSLChCOtsKzqZWlPZbQD0l7C04Mi1tR_FC5w_VkI9ECtDNQKi8F87oKZEOU8Ajxs4qyFhi-iN-fOtQHfU0yv22mglYWGd4FhTHI0NTGdlvJ2GZ13mm_6OuG86vuzYsvBA3Lfr2tD-DFi8657DkvJAtxvbQLQIAIG5PZHmCKQS4Rz4V-7sYAINS1nuD5MfXwV72nLUlzU5CWN6kGCXqS2lYL5CXWvX57T32UQpHV-AmESESgityeOC0h8tD5tw6pKXIA4Oj69DEhNXvDEap7gNSU8dYAo3YOhnxp7c7IwHKoXV4CpcWm6cU5lCQaps1BbKnRRUUy5XiWpMqa2cSEpkOuvZEmzMNsla6KNiOsTvQhdcU0_fJm9eqZt08acdr__0cdclsXw2RVzkZrYu8ZJyKjF8zuFbf6vIOMm9KDpqRwVIWAAF6RdQMu2ZyIXQ1E72BV681y2eT27T7Hmzxka8__7pyO1ashdpjBi4HmbOGSVJJcr8sb_-V8Uo3ti06ldXOKe3Y_CXnv3sEfdQbgmX_1aH-R7MoKglnZTu3JCjr7eFg0leDZmHEyly25u3ciggJplUCDb5YhnklxLVWNNi8Z270NfT3xSnNQlMb7VtnHik1V83sX-Ta2f0zS3DjPI76TOfYOLz7fcJMTY9IqpELy2N-9fk5c7rXaPsuzzLCejzcyy9FOziY3NdaEG_0oQQY72zNih6XPIPDmcH3inOd7BhPpu0QwIyLQ7htXLOujtfti8YAeQ6d_aV-C-pklD8ig4bYrCn-Y5JkSVDI6dqTk41ci_pVIAOUjQlOkQ0Ru5pIJueFXS1nFfgyqUGGmaSlwen7lqi2i3JJGlUmN_AfLOxT8JmsKp6ymcT8JzeyzYUNOIQwyD4t1c_KI4xLz4lqb4heiIlRdFreLw8SpAHl7FTsnBx0K2nBhJbckK5dqPxVg1cGzeCAvIvolsIP1Wic2vpTRy7q9BbahQ9UhdbnBHvvKND0yBRKgnLI8OfT7d6OypjaruAxsr7n5VPepIinu5yB_oCv__8-7j0Av2UZk4-7tT6bA_Hx8PZqv36yrMsmqmqF0GIrY_jj-r0zwwUkDeN3Hb0V8AHIDtgRZDQDkQcoLvPnDOnuxfubwX4jiYEta1vtAQONXVGuE5ECSfE_gVbHlmN212d5qbLz_Kd-oboEmMbUsIkb5kcdwWqkGqXZoaL8qg3mS208QTQXmAA9Oni35eRl97VeCzasyIpWE7vYql8_PmQAiXO7w3zoduDK1KPr5TajV1aknQ5TFMgxgAKQXKikga0G4a-7QiWn3eC-MzH6kiIEC01hFPEwinv8K5ePMBg5-sOvgda2-WvefawtzFClila_Hvk7tTFhedv6QwZj704iuqr5hHuUuHuawpqw6cHD8gopnV_ZHVIpVUzCWh4doc2vKTNFn64SD6tI0eNjnVm16Lp8StynE1YZRZnSsW5o-XSypBUVe8nU7hoseTqVjDZUlF4OAEaabwcgE3CbP0wcs1GYaiwy204X5TgESxZd_fscr_DU0aSJ5yClrr89ona0cvOusUcKbjUAjCEILivGc54_B8xkulikJ049BDOU4lBbAbDsMW3WA3scScouKP8cCMJZ3mNknyrhVRcraNZZnsMp1_94g3wQqj0GIsCVkSndCXlcI3fBaPa5UE3jjknUX9Fb7QMk77r2dsqjNPkUIXGCmC9ORKh_GgNoCfgGQGQZwY33T4r6UpVVcc_br3W6cX6MkzTJ0x1EWjJvKucuzzp1AwwHkvwhZAAscPRzDR1_SeB39pSGBi8hqeXC-H5tfybEwgEmcR5sUVCBsvDlm4DiZlB7PqISw0q6v0_lM4erOb947Ap8WG54H0NWg2WVjXab2pkxXzYE-s4jOWaAonyC6Bssm0RKShPDSoHcEa99SpqP3FFBdZOMBLOmWRrc3vk55o8Qzu_fy1jY8TD90N4qdpfsY2OUvHA4tN-7n7F6LYgiHitYuYJdU8Xzm0DSPeT4kLncofyI3ZMB_tZN9ld33PUaaYa-mi5K4_RNP-YyT7_V_QR2g-G2Wy65qkdwvnCZjuQophLS0B8g8Oxks54xk0Cxq5ckUOfo4qR_I6Sp-cfo7RtVvP0eXttn9EnD-L74pUCo-QrQvfr6a3XDJLDW190x3jMx1OO7fGZ5P1BCslYTgs09rcRFT086ErqMM03ig6MRG01aoCBBdJ03SV2cb4Hv46bh3_RGo44FlSDp2R4Sg4HRSyKWARSHDQdZ0hXXxlBp-OPSHnxnbhiFLWMk82P85udecRhMTJtwvG5GN6wh874kYy6gDA3D5bP80TiNsfAc7uoWZR8HoFeljN5Cxkq-DN_vz6EKz-gNIyuJGL1p-FLRq31mgzyKpLIJ9jJrYk5y1F4LkOqicE-QUhChNK0lzXxb_kawYVFmLZOn107oSaZswx5ckftnrLJLir0XNZ2SMCZvgFo3fNY6FLza4DZZHPf_fkDBLu_4VhZn3YaVwRek277UKtWj_MBIohTMluQrTB3awGgkqEYhBtECduaOWhglSOCgb9d8umh-ewlel60RHodPN_K9-oyeEwTxM2H8sC-5Q6VBYMA7J-NJ9igCnPWmXOaQw3icTzO7jnbxKAsV9yf8hFdnn9a0aqAplz_d5Bqv-gXpQlXgVX1a3sET31F7gcVSReUYrroGTvF2BYmf_dVNEiNuxpoeAabm37-keVpbhyvVeuZzUwbK7lt-O8-fJFSlTVdBuqwqfxbIOCX-zK0pwxCPIGDJhE&cid=CAASPeRoa76-JKYv9ZTv4DaJAtv5eZDiCP-eGAm3DBRmZijceC8WSPnn301kCsPJXn0gZW-X5JjsQW9F7oH-aqw&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:17:26 GMT content-encoding gzip x-content-type-options nosniff age 268 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:17:26 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 8858	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhlMfPY3DQRlVSnNJ8XuKrbucrvcryzuBrtklnXsiIJZz7fjhQsoc3VRaVoiYqURG8mdMj6RfWV9y5LhbF3zL26L-6hYUAoTvOHDSjJ-eRSSr89zLmrF6Z1T5dmXZ2tvZjXAFj-tKmbQzJg4Yrzor3MaGZtA&dbm_d=AKAmf-Bhi8vvpsAnpk4duRROCn4wyPqFsgl3CZGYbsdMqr6AwiDhgvGZfXBhJHgKA88I65caJ8br_KLIZkUALmTbVlISQe5dFCleQu2PKGBoMYINP9rupNhjWBf3DUZETtTrEGwv0NWSM3riNA9O02zLexNQFTcvxin5Js3Q7iEwcNmeKjCQCxX00GOCfwQmM38QdWh6ZbE1xZrQK_t50xQPnhvUuCac87wZOg7MimaFgy5KXw6M4bGvSxsZ2xgo2SIfzjXNKYeb_VaIBrz3hPCpjVWGrQG4KGB2Co5_K-qoroW3Ck-5Z0zp9ONDJ-8_XeePoTsnXabSilE5MTcPNWWDZbY0ENAO7f8NomJm0h8wADfq_pccE1kycT9FM7yoePrHsUKEeBQSqwuEclwkyLOabJgv53wcbI7iu2QL893pWwcH4ubrrQ5AaJuKBc7RFneewHJGUN31VblOJpFbVzEt35UkAO5Cj15KX5dHPEBJNLYuletYjdUsF3kWnhR5bnGlHgp78jbSoxL75VU9aSfeNPGKWMdOM4c5PPHQm7MfESEvS5j5d1sgE2PG5WYTbbrqh2icqZBygT5n5FzrsuBWkGyfBItWwDh83BIn4N0NFEu-9DqK4o0RqgfLHRmZJ0XuuZ8cyGN_qkFU3rm6fJ6PQFutxFStffX_rAQcMR-i2EuM--z7G7MT9_TUg27wQTf59ou8ejrQFNHhwEqj1On9hRjhSH2zTJFbcHlyWKyX3FiliUhURnqftQLLZaukq67Is3GnI7RiJNOzpfWMzr2k1bQh_GP7FGks7CZ3LvxYoHM9RvhEY2NGqxzLvTcIut8kPc1HWdkYgrN07ijDtei63Jw4iGZCyAfKOcEYl6ZhIdgYzjbuGUnw7pOLMt3N9T9wxJS9hDWDfaLPoedG6TeYDQ49FjRE1RMQ0n4h6Ict3ObTYEUbPmB0t9SObwbcBwkehu_7_kTUn4maeDycx3o7vhIk_DocygHrFu8irEkLJnzNXdg0ne5f9G4oSCGHOYxsdmzYkxV2aT6mAcMTKLwdJSuR2qCnMNnn2AQ1eiCt7I_ZNI7Dt9fsVfrOgLu4eW-ricYGAMseJgX8OqwC8_Zn1o2vOhdt-IP_MABMhK0KRlRDdPVIWXjKXkkvtM2nZA1wlhQiAVizL83rHAlWROYKRXhkT0mgO9SU5UNmXdJajoAJA5gYO977ucn31Lvig6xI2faGk3aVZuxMmq18eyLCl2TQDpnD1jG1aeKvAhzLaeq_soGvyNXnWINct7jaSKLLg5vTVMwypNRIaPZh5LqDC48vq64YBhEYvYqdELZCoTmBryY_5XYudPHDSSD9dcmVD6Nc0TOuExewhN5FzqWyQZyUeWLu918HYsn69cy6VjMqHj_2V7Ym1jh-8FmTeflzKGqnW7PlXdBMi4wQTS9mluYQxPRSIA6jznHgSVST_8n1YXefrt4G2r5gcc6RioHEBNnV8Dip5ZfX0rTFnIkjnUva1UZVeDN3XnLUzM4PKd-5QG5u1ZtyuY5vQqCZE3AyROLXklIM8u6Gxo49RHK1YVBtwpusGTtPeuf6iCBlpU1nD_v9NTG5p8T6RK18ZuygZ56D54W77nbHW7to-bpIGwqyCbjU7uG-1k9k8h8d5RYLt70WMOOjyFwYC4E6uyt0QalBY8DSoOu5DNTxCVeTBmGHul8ZRQQ-wikTBXjNtKqjFqvuCKUpR1-AdrC84ZyeCZiijkHWH9AaCmlHlIw_55LtFty2BxoKBg2ZcV6rzPUZDs_JwEmgyOb4tZQI7VxiSWRyVYaaHdTTSsRN2-4mRf1mZAzpMUooKaXNKe3Xvhj8WWf9V8zsp8zMtkjTW-s26vb8YqvQQ6FhH9CGXj0XG8w8xnKXWU0BF3jUGmHYczZVnJZQzQehEkDW-Zr73-0sM7lfCLrotEVXqRcPjtBLefJUPF2CWJ4H454-RYyH2URsisk7bjuPD4dckGUsjyRSGQRoQEPbt9t8gn9-VyNlWgop387sGWk1escu1Tp9-if09sD1-6MvIijKfOHfcS4szAEGrRksLRlCLbsOgOdn46ec8d13H2JONvEV3XW6nh7zl_iDtltl5_4Ye7t1qIf6zi6o4YTOtES1oufmQ2TNamZZ8lUimYVMs3CnJS1U0ZqhQ6-qx7qzyrpcxoopR0LtO2QZurSBFQnBam3Wm5AHfngY6zPlFXNMZZfSqrB_xmLYxYmHgkbkIHktE0Xu15fe1b-NL2WoGMXFaUTdTkInRMEZoSwVF0yM0yWXUFBBYBGHA7eTqAXtJGAqAV5YxNRBjr6vR5J4rPKRxR5lj9kUSGpyzD7dubQ5ktHh6jwvd_sPQX6JyAnkjoNdqjBNqaAWkzISTzEkF-hPmJiJM_ggAu33rUnVuxCnwFsfHqWsgAJgrb1m6b8Gk1PMatKGlYKnNeTI74uDDQkBnHs-lNCjmRdsgdJhGZtQNuqVUDo-NKRUrDNDlXnJ32Z-YddiepMAxHqiiIDOAugQLxN7Y1_8AFEwqr8IuseaPb1E5cP6x6wfvJVhfqFMkUywbQEGm8I1bvt7nK_dC4V5J-BFCXXuRVKkec2OCsgNOOQT7J5QnvjtMRyzkqGSrq0YNStuW3Hzebjlefuw4hhQBRgLdM4cKR84k1Zvr23I_aVO7zOlUWibsy3PIT0zufsM9XuzuhH6o-pte1YSYZX1Jx4iz7PluV9svmlBvA&cid=CAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6M&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 18:00:25 GMT content-encoding gzip x-content-type-options nosniff age 44489 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 18:00:25 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	16ms 16ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021051901&jk=955085961454281&bg=!_P-l_7vNAAZ7hX_Ue4U7ACkAdvg8WkAf037gii5M0fAxFartEtEgv3PNJL1obgFzoSiZ37Yl5M7KQwIAAAECUgAAABRoAQeZAkvP7wbXuDeSZLhx1iAFPpa1oq-GzG_bfcuECtYNpiVhk8dJUDVATTcgemNkPDIwgEI_g1rAQ-6ETneyE49Ot7nOcvSACG3-WTArhqN81bWYrlxX9U5mWllF_UsMinIqYR8J061cTcRy3LENvUXvgrYkTO0tdPbOMenx5he3fHqln8Z5Cix5YSNXfLWbRAoFSKg6Dtdd1GplB2nfKeOhXIz-08Frs1CtG7WjyjPSMcD_Zj-jQqayd6s-u4otOfUqBDkToRzxkKhU56CqdB0jYL9mD2TLKrwPYNFRafj3iNYlaH7shp5sncEwJn3UwbZlICEohavlI3vi-HBTwmRxUsPOpvmSRK6MKumdlWVXKQ4U8LJEnWvRE4oEtPdmb7DDZD3xndo8P45VIy2IJmR_1pjlTJ11zkpNk4zN4TVwqF0JDl7hEWRGGEEFV6LKdkxdkFoiCMKudWdRmc2Rb7CIwG3nO43FQ1X_NRkD2K8YAPUJmr1AWXMcIF6R2myyzl3Zm6D_VQHVrtF6DUq9aD5_P38FrwdQMyrD8NNCSdFh6qtDxzD5JCkYF9QIsCxcqAmrJUw0jBkvA6RJvfqsg22qUhBzDrMKBHtusKY0-gWQ2BiIFAaeBT6dIqQgqrG0__28acZU-v8l1isILRj1jsnGgCBLsvfDBcCvJ6E3FBMpE1lD1IwH_t3dbG5fYEv71zcdKZSYB7vEaYyRCMADj0-iPaQJu9lcsxFm01QAG_4G_MLjCaJcrHM3JvbhaJe6kX0ZbhlnG9vAi4rGcffrkA Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 26BD	111 KB 38 KB	17ms 15ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 14:58:51 GMT content-encoding gzip x-content-type-options nosniff age 55383 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 14:58:51 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 26BD	8 KB 3 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DktYa8JjTdqjCdODDrhfPpZf-9UoYsyRWhvLquEtEdULiUeVRgeh95TktdTaeLUYHwP3zc02A5yEYb1sXXdyrpggoRJea3meCOaPyOQ4Vu1scY9HAitdcLZ3Wjmk8PeGHxlJulOtX8i9zSluK1MuDJQH_jPg&dbm_d=AKAmf-CxreONFkJ2aRPDeVvVzBl-TEsExMws8OBLfCCCRNdQCWFkVX0ezkI8QhdpUxZj2Gc_rEenQreYRLhArMqEMBNP9cEqL2SWfhSETsMNZoKZP_IaT8M_h6YABqcN6_VUgq4QH3jCxVd1vX7yU88kRum0jyUAs4q04uub8vM8sNcwtFQCgq-6vlll6sQb-6C8oaIRxmmxQlmnNIjPF__gjpKeTgrnd3k-ZnU_A4fJArMEUCcS5poeBXd6hca4EVQI-2584NnlKJB4CqvirrvQoyHb3v9kzTxJpVy3IBjAtaR2lLurzbsNuPEgq5p_GPcGcw2gdqXT0Op7HLqwNYpqI7ls4PjVcF-AgAKIK7wCs3r793J1yffTNPhI574ymmaOdTepUpHdSSJJ4Ng0xrLG_pObAmfyFjgpS0MEbfEMaWUAmXXxt8dbDLMZNfvwN-dULlNEZvOtvsGGDWT8RSrWzsftwYRSbMlrbNx-AnPKZtKWkV-cGPW9DGmz2LL1StFLdCLNXxP7N5eyiiXPrxwlR_aORTLo2GIm1r7LmkiilFU6ru5WyYzgOoJI0EI4vE_33-RdMIbPklK4Y5UKlYWVpq6VgyudlhnwIRVAmvzatk7TAkxlhWwCX78wc-ocAwmkKdG7WHf0NOemYivm1X8jXOAKMkseOY5RkgawM6M1r34d3_RGlBnRav3iS-uf4kHiInEy0MxOb_arBd1rw5ZeivM9PSyJBJqBvrP7OEqD7znPDCfynQhsbOYHd_aa_2V7DZFwYb2yY95-UFh2vxGRJsNpq_h5cSgJiUtMuDKnhRZRAFgsV0sxMGdL_Y5tiZO1I_HwHiNolrVgCqikzibIx7KM5_ssaj2N9NSh7-ZB-KA0qVvo3dxNMs9WWrDXreRHeyBFa5dfDs8Oq4WgjgfJ21HmKR9DNdY7EotJx1aSYzwPWYX3uCJIULWkTLYDkyqVpD1DeyqsaNx0ozytCKh5urvG1IrD8lI_CKv6sUAFQJvVVPMJul4mjS29sHW_XMfnU5KuPtcN-8oU4XZ0VKBDv9RyZj3glDk5tNFbhRqupf8YIJAhbClkjpS6sUKSXAkyYW5aoIco8LbGLmbhBVf0XXIQxYYCwjJf8Zq6zndDCoQe9ewmmLJzh9zjqSIRnCJAn44gLmYeyRzdF5AYCEo3pI8KrdgNgyQknUqgGN6MFijvomHQDnglCOjS870G1ufZRA8W175l68TsJh3XXVbpuG30s_dANwIixD4Pa3O9bOhIfFcQITdSPfQ2gqn4epHRxA0akblBYJ4K-CzClhCmGi0zUu1ozJnbLoE34P2WFxHAhAe1pLDz7c6V2J8oeICoYHHWZ7VMkUmN7Wa7ri_GK4H_oCrk_CUL2nFVMo-Vgm9T5frEwzFpaTdTTgnU7THcjFhY9y_9vLO1qiPsqTYgyDxVXyFLBZ4txC7ztDU7ArQmXl1A1ixVjeK_Wmb_tYsaUWQ1U0rGf4BQ_CSy3ehy0ul4w2k6sqy96BDFvv7_vNakN-L54dsI2XIm_lDqm2PLsp8SMRdqds-Gs7jYyjEEns2Q9TX3tppGSxmXUBrKa265IeUR2A8doWXYhux7GA32MNBLTNZlTohTCbe0uJg2bH8fPa7wjUUHE5BeOzmBkJMSsKmfkMgdMrAGu5L-uqVXmX4KeqWP9j2GZZPXjlOpRLj-NC-kmszGHfRODSHHifYyXvly_v1E2iQDpJT5VPsCOsoQysTBBKu2OedlZ8hPEVwsSb7dKghA4oly8QnZJZC5EYZki0cSHAKHGwswzk1lNLBgL8HOBhTgJ4TAy_rad-TKflpv74R8WJW98YITKfLweN6qoZrAHMNSqpmCvYqwMDL24Otd1s3hCXvNluFzRDuU6UjXaBt4zjbXmcRo8LBPRh0wB81KR69jTXaeESD0ODEFaRZoy80dzY8r8nwfEf-8zeMuYzGvajTv7dHiY_gmPj1OhQqeaZNXuOSYsxpeUdNDqpcuTwbBtm455f1zR6cfDTSolU6Uexn1puY6qdJepHCcQI_w2RNRKK2Ijprmt-zXFyTCBb72FOE3ama9QfGztRBvZ_H2Ue1cAkVaaOPvMKHPyYkpaKpotilmsKXLvXQhfopK-CQ3XUHyx0jXm0riP80Y6xVLOfIOANxcLS3yHEGUKpF-Kd5x1TW25tSWdv1e3zMVqy-iGy_7aLj_-HynbqW3er-hjY2SdljNazgLSdV45vsO1PpXkx_7K7TG-aMounqR-BdqTrZNOquF9QtKRy7gg9r_SOnTDlZrLk0zoFK3gEzkQHujD-wtVbOmA5kSGdYwdLlYKNsnk6fwDHzgD7rkYN38Sl_FbVJ1T0pzIs_9s4q_camixM2tNvuTY6B30WKM3mUP8iUhV-iPz5osEJocRKQe6P3DYwXIx-bDxZld7nv3HJi30TQV1KQKoMsEscqqZq_lj2I6EnT6w5ou8dfIzPSdoJ5ua1b-d7dc0N0UMcPEf8c6IlYkLu11-dJ729rzNvxjd_0uxkDxDN4xppYRO2Cy-GWW_Sl4AdQEto9VFtCL2qgRzWoODo-SSt_Mhl6-eg-I4eFfmHPvcReYXoRHubjJFzyHa_QdqM_U1q2PClW5KomNxDznFaLKrOFuKQUma60b9GYxdwGg6K3u5ZIed4LIcpwVcjRDtPR8YuTLaJVWe_-EK-Fbm3Yc9zamIHYd4hAq5OjECfBlUqNsmtTK-sxzbVflqYHV_NKI2BKTfjJs7UwrgKOu0jI9_tWEW0EekzXGDx5BJICPn_4hLqKf7Nz2LiBTDYV__4BgsYqLBd8tb_8Z6Fs2kQou6ytecqTjepsGXKThbAoTB_T3OXt6WJisbBaJaFLy0HtgcnWuQdyl_30COZAHacU6xVBRh6-iaQF18Wg7bj3oF_gGqp89GWl3Sc80uHbSFOVnI17PD1nLdmWr9JWTLcM_R60yze6SL-8fTS51aKnMxgzL85kBh9twPSdmadxLCWJdHiDNQ6ZdTVqcFGVB_3wTIbdWoQqNGpMb5sixtLU7LT0R9GnsDWn_uYE_VWvsv6NhirXungXZ3HTQb_M4KP2nUFKcB9d1gS1NiYjKRSxQqT9xFkc3YA&cid=CAASPeRonUA-FWPHZwzeG5s1QYBMBtA1G37-tQbVqvrb7SBF73utwCjYO6jT2ZZ8C67IV4DKEzE-jRCk6xeD20I&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:20:00 GMT content-encoding gzip x-content-type-options nosniff age 114 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:20:00 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 26BD	22 KB 8 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DktYa8JjTdqjCdODDrhfPpZf-9UoYsyRWhvLquEtEdULiUeVRgeh95TktdTaeLUYHwP3zc02A5yEYb1sXXdyrpggoRJea3meCOaPyOQ4Vu1scY9HAitdcLZ3Wjmk8PeGHxlJulOtX8i9zSluK1MuDJQH_jPg&dbm_d=AKAmf-CxreONFkJ2aRPDeVvVzBl-TEsExMws8OBLfCCCRNdQCWFkVX0ezkI8QhdpUxZj2Gc_rEenQreYRLhArMqEMBNP9cEqL2SWfhSETsMNZoKZP_IaT8M_h6YABqcN6_VUgq4QH3jCxVd1vX7yU88kRum0jyUAs4q04uub8vM8sNcwtFQCgq-6vlll6sQb-6C8oaIRxmmxQlmnNIjPF__gjpKeTgrnd3k-ZnU_A4fJArMEUCcS5poeBXd6hca4EVQI-2584NnlKJB4CqvirrvQoyHb3v9kzTxJpVy3IBjAtaR2lLurzbsNuPEgq5p_GPcGcw2gdqXT0Op7HLqwNYpqI7ls4PjVcF-AgAKIK7wCs3r793J1yffTNPhI574ymmaOdTepUpHdSSJJ4Ng0xrLG_pObAmfyFjgpS0MEbfEMaWUAmXXxt8dbDLMZNfvwN-dULlNEZvOtvsGGDWT8RSrWzsftwYRSbMlrbNx-AnPKZtKWkV-cGPW9DGmz2LL1StFLdCLNXxP7N5eyiiXPrxwlR_aORTLo2GIm1r7LmkiilFU6ru5WyYzgOoJI0EI4vE_33-RdMIbPklK4Y5UKlYWVpq6VgyudlhnwIRVAmvzatk7TAkxlhWwCX78wc-ocAwmkKdG7WHf0NOemYivm1X8jXOAKMkseOY5RkgawM6M1r34d3_RGlBnRav3iS-uf4kHiInEy0MxOb_arBd1rw5ZeivM9PSyJBJqBvrP7OEqD7znPDCfynQhsbOYHd_aa_2V7DZFwYb2yY95-UFh2vxGRJsNpq_h5cSgJiUtMuDKnhRZRAFgsV0sxMGdL_Y5tiZO1I_HwHiNolrVgCqikzibIx7KM5_ssaj2N9NSh7-ZB-KA0qVvo3dxNMs9WWrDXreRHeyBFa5dfDs8Oq4WgjgfJ21HmKR9DNdY7EotJx1aSYzwPWYX3uCJIULWkTLYDkyqVpD1DeyqsaNx0ozytCKh5urvG1IrD8lI_CKv6sUAFQJvVVPMJul4mjS29sHW_XMfnU5KuPtcN-8oU4XZ0VKBDv9RyZj3glDk5tNFbhRqupf8YIJAhbClkjpS6sUKSXAkyYW5aoIco8LbGLmbhBVf0XXIQxYYCwjJf8Zq6zndDCoQe9ewmmLJzh9zjqSIRnCJAn44gLmYeyRzdF5AYCEo3pI8KrdgNgyQknUqgGN6MFijvomHQDnglCOjS870G1ufZRA8W175l68TsJh3XXVbpuG30s_dANwIixD4Pa3O9bOhIfFcQITdSPfQ2gqn4epHRxA0akblBYJ4K-CzClhCmGi0zUu1ozJnbLoE34P2WFxHAhAe1pLDz7c6V2J8oeICoYHHWZ7VMkUmN7Wa7ri_GK4H_oCrk_CUL2nFVMo-Vgm9T5frEwzFpaTdTTgnU7THcjFhY9y_9vLO1qiPsqTYgyDxVXyFLBZ4txC7ztDU7ArQmXl1A1ixVjeK_Wmb_tYsaUWQ1U0rGf4BQ_CSy3ehy0ul4w2k6sqy96BDFvv7_vNakN-L54dsI2XIm_lDqm2PLsp8SMRdqds-Gs7jYyjEEns2Q9TX3tppGSxmXUBrKa265IeUR2A8doWXYhux7GA32MNBLTNZlTohTCbe0uJg2bH8fPa7wjUUHE5BeOzmBkJMSsKmfkMgdMrAGu5L-uqVXmX4KeqWP9j2GZZPXjlOpRLj-NC-kmszGHfRODSHHifYyXvly_v1E2iQDpJT5VPsCOsoQysTBBKu2OedlZ8hPEVwsSb7dKghA4oly8QnZJZC5EYZki0cSHAKHGwswzk1lNLBgL8HOBhTgJ4TAy_rad-TKflpv74R8WJW98YITKfLweN6qoZrAHMNSqpmCvYqwMDL24Otd1s3hCXvNluFzRDuU6UjXaBt4zjbXmcRo8LBPRh0wB81KR69jTXaeESD0ODEFaRZoy80dzY8r8nwfEf-8zeMuYzGvajTv7dHiY_gmPj1OhQqeaZNXuOSYsxpeUdNDqpcuTwbBtm455f1zR6cfDTSolU6Uexn1puY6qdJepHCcQI_w2RNRKK2Ijprmt-zXFyTCBb72FOE3ama9QfGztRBvZ_H2Ue1cAkVaaOPvMKHPyYkpaKpotilmsKXLvXQhfopK-CQ3XUHyx0jXm0riP80Y6xVLOfIOANxcLS3yHEGUKpF-Kd5x1TW25tSWdv1e3zMVqy-iGy_7aLj_-HynbqW3er-hjY2SdljNazgLSdV45vsO1PpXkx_7K7TG-aMounqR-BdqTrZNOquF9QtKRy7gg9r_SOnTDlZrLk0zoFK3gEzkQHujD-wtVbOmA5kSGdYwdLlYKNsnk6fwDHzgD7rkYN38Sl_FbVJ1T0pzIs_9s4q_camixM2tNvuTY6B30WKM3mUP8iUhV-iPz5osEJocRKQe6P3DYwXIx-bDxZld7nv3HJi30TQV1KQKoMsEscqqZq_lj2I6EnT6w5ou8dfIzPSdoJ5ua1b-d7dc0N0UMcPEf8c6IlYkLu11-dJ729rzNvxjd_0uxkDxDN4xppYRO2Cy-GWW_Sl4AdQEto9VFtCL2qgRzWoODo-SSt_Mhl6-eg-I4eFfmHPvcReYXoRHubjJFzyHa_QdqM_U1q2PClW5KomNxDznFaLKrOFuKQUma60b9GYxdwGg6K3u5ZIed4LIcpwVcjRDtPR8YuTLaJVWe_-EK-Fbm3Yc9zamIHYd4hAq5OjECfBlUqNsmtTK-sxzbVflqYHV_NKI2BKTfjJs7UwrgKOu0jI9_tWEW0EekzXGDx5BJICPn_4hLqKf7Nz2LiBTDYV__4BgsYqLBd8tb_8Z6Fs2kQou6ytecqTjepsGXKThbAoTB_T3OXt6WJisbBaJaFLy0HtgcnWuQdyl_30COZAHacU6xVBRh6-iaQF18Wg7bj3oF_gGqp89GWl3Sc80uHbSFOVnI17PD1nLdmWr9JWTLcM_R60yze6SL-8fTS51aKnMxgzL85kBh9twPSdmadxLCWJdHiDNQ6ZdTVqcFGVB_3wTIbdWoQqNGpMb5sixtLU7LT0R9GnsDWn_uYE_VWvsv6NhirXungXZ3HTQb_M4KP2nUFKcB9d1gS1NiYjKRSxQqT9xFkc3YA&cid=CAASPeRonUA-FWPHZwzeG5s1QYBMBtA1G37-tQbVqvrb7SBF73utwCjYO6jT2ZZ8C67IV4DKEzE-jRCk6xeD20I&rfl=1%2Chttps%253A%252F%252Ftrovas.ch%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:17:26 GMT content-encoding gzip x-content-type-options nosniff age 268 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:17:26 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 8BA0 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1	43 B 1014 B	68ms 59ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNVS4CgZqoIVA-JOFs4hRGF1E13O0arpmZJ8ZWOmbHuns0MbguN1zq5uKFEwWe_XSUv6SvTKQ_2rnZ1pkikM2moAyk6kKX-QozfUy6tVU447i4RSwy1-5d2ioJx6d_nJ7FzaoKo4pbBgijI-FBE1m0Tj1BGYbK8GiqtESaeMI9y7efNw20Mu9inUlNH8i0-LqOMVGuaXzMIEp0Tlz7KAZNl_1Q0rG1i4Ec_rZw5E7sjN3wMrpEc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:55 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 06:21:54 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Tue, 25 May 2021 06:21:54 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 8BA0 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXgm-mBaWgBCigW50CaQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1	43 B 894 B	61ms 60ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNVS4CgZqoIVA-JOFs4hRGF1E13O0arpmZJ8ZWOmbHuns0MbguN1zq5uKFEwWe_XSUv6SvTKQ_2rnZ1pkikM2moAyk6kKX-QozfUy6tVU447i4RSwy1-5d2ioJx6d_nJ7FzaoKo4pbBgijI-FBE1m0Tj1BGYbK8GiqtESaeMI9y7efNw20Mu9inUlNH8i0-LqOMVGuaXzMIEp0Tlz7KAZNl_1Q0rG1i4Ec_rZw5E7sjN3wMrpEc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:55 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 8BA0 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1	43 B 1023 B	112ms 46ms	Image image/gif	185.33.221.91 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNVS4CgZqoIVA-JOFs4hRGF1E13O0arpmZJ8ZWOmbHuns0MbguN1zq5uKFEwWe_XSUv6SvTKQ_2rnZ1pkikM2moAyk6kKX-QozfUy6tVU447i4RSwy1-5d2ioJx6d_nJ7FzaoKo4pbBgijI-FBE1m0Tj1BGYbK8GiqtESaeMI9y7efNw20Mu9inUlNH8i0-LqOMVGuaXzMIEp0Tlz7KAZNl_1Q0rG1i4Ec_rZw5E7sjN3wMrpEc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:54 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.245:80 AN-X-Request-Uuid a14a03e2-1795-4e3a-b118-6fc144c2e402 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 8BA0 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D	170 B 188 B	51ms 50ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNVS4CgZqoIVA-JOFs4hRGF1E13O0arpmZJ8ZWOmbHuns0MbguN1zq5uKFEwWe_XSUv6SvTKQ_2rnZ1pkikM2moAyk6kKX-QozfUy6tVU447i4RSwy1-5d2ioJx6d_nJ7FzaoKo4pbBgijI-FBE1m0Tj1BGYbK8GiqtESaeMI9y7efNw20Mu9inUlNH8i0-LqOMVGuaXzMIEp0Tlz7KAZNl_1Q0rG1i4Ec_rZw5E7sjN3wMrpEc Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80 AN-X-Request-Uuid 929e9c44-0354-4e6e-9620-5859469266e3 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 2EC4 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1	43 B 894 B	60ms 60ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCn0_wBGPScjqcBMAE&v=APEucNXlO8WtD5rfY9QPS5oSJGEpCKNU50Z9ddAZmm_6OeWzhvqzRT-zdJwXaOd55zcC25szQzMSjs7lICibMForiYiLntaZRuSj1eVUMou0PosiXKxMaOCxYACp3eBdPysTHNSA3lUjoewEc3QxhcD8SdghlBDpbKBQoDIj96X94-Fw7QmZuJCHWDK6N_kWSiFTE6lwDbw6beiayjRIe-xzMzNiMvq_zwmQBPVfaVaVaxqZpNaFVbE Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:55 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECXh9DJ_p_CuDSdlHlkR7_Y&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Tue, 25 May 2021 06:21:55 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 2EC4 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXgm-mBaWgBCigW50CaQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1	43 B 894 B	60ms 59ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCn0_wBGPScjqcBMAE&v=APEucNXlO8WtD5rfY9QPS5oSJGEpCKNU50Z9ddAZmm_6OeWzhvqzRT-zdJwXaOd55zcC25szQzMSjs7lICibMForiYiLntaZRuSj1eVUMou0PosiXKxMaOCxYACp3eBdPysTHNSA3lUjoewEc3QxhcD8SdghlBDpbKBQoDIj96X94-Fw7QmZuJCHWDK6N_kWSiFTE6lwDbw6beiayjRIe-xzMzNiMvq_zwmQBPVfaVaVaxqZpNaFVbE Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:55 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 2EC4 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1	43 B 1022 B	232ms 215ms	Image image/gif	185.33.221.91 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCn0_wBGPScjqcBMAE&v=APEucNXlO8WtD5rfY9QPS5oSJGEpCKNU50Z9ddAZmm_6OeWzhvqzRT-zdJwXaOd55zcC25szQzMSjs7lICibMForiYiLntaZRuSj1eVUMou0PosiXKxMaOCxYACp3eBdPysTHNSA3lUjoewEc3QxhcD8SdghlBDpbKBQoDIj96X94-Fw7QmZuJCHWDK6N_kWSiFTE6lwDbw6beiayjRIe-xzMzNiMvq_zwmQBPVfaVaVaxqZpNaFVbE Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.36:80 AN-X-Request-Uuid 04a59d9f-600f-4055-9dc7-c2090576547e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEC3-Ryu6qFS1AMj719ixkWQ&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 2EC4 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D	170 B 188 B	51ms 51ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCn0_wBGPScjqcBMAE&v=APEucNXlO8WtD5rfY9QPS5oSJGEpCKNU50Z9ddAZmm_6OeWzhvqzRT-zdJwXaOd55zcC25szQzMSjs7lICibMForiYiLntaZRuSj1eVUMou0PosiXKxMaOCxYACp3eBdPysTHNSA3lUjoewEc3QxhcD8SdghlBDpbKBQoDIj96X94-Fw7QmZuJCHWDK6N_kWSiFTE6lwDbw6beiayjRIe-xzMzNiMvq_zwmQBPVfaVaVaxqZpNaFVbE Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 06:21:54 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.178:80 AN-X-Request-Uuid 4e97e627-ea9e-4444-a167-b9228f1728de Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQyMzEzOTM3MDA4MDQzMzU0OA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 16A9	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 24 May 2021 18:00:25 GMT expires Tue, 24 May 2022 18:00:25 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 44489 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 6E2C	41 KB 15 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 18:00:25 GMT content-encoding gzip x-content-type-options nosniff age 44489 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 18:00:25 GMT
GET DATA	200 OK	truncated / Frame 6E2C	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4acaee9c7977dac9909aa72e545ec08b7f80ef0ddd3629ae6c9275b017183097 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 8858	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js Requested by Host: bid.g.doubleclick.net URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWDJZhe6dM9mTVBKiV07oOcXjmL2anLnIVrnL7kpn5xcVcbup4&d=CnkAoCZ_4H2dkuv7mXl5y_oy52bxfmD8F2km1XqHvf1-B4_zsqVA4TqKAq8Kib4BhVqay4PyPyaE5tw7rH_smbzvcw-ayGsUi5VN8ZB4PHbN20wjEak2RgnM1sdWn0G0WILsTEoTMblbmFb1jn9LWa5djkrwCzmyZpiNEpkSAKAmf-AAzzS6t8Vgss-wKUMXFbHbib7sYayVoJy8tlKfs5LhwmRvu4mLALnC_ZSZXB3SjxC28eqqw4YJW9IQ-LerNp3an9IuDkzpd4vvR4zyBp2MyovwYv4wRsg3fkQbC46aIfxtysZcYQX5U0_b3rY3F0Z_nTM0GF3vzb_iLNBUC7yZGcg3OiPRdSlMw9MT2WimFdwtTElY1peMzfCniM7jOjsHfl_gMdLoxsr1LBwrWoQu3Y5p86No2I4fQ9Q4v3v5oAAEKS0PXYcX-FiLEPgMtjVfB6hIUjWwt0smExB0WcPq0g1cl_nb1--Z0uB9LkO6_vBUe6aQTk-X71zTc060TL5PsPvEn2mhzyL-I8mnWa7TNmYiwG-vdcyJeH1xX7JyGStyEfhr_0SKPXQpSKE7Mm4Z-uu4kaftkEE7xZHhqAfzpcumhOdeKFCRN1iSmaDVU-K3jlA-uW2XGbsx3et03KiGBrcrwja0h0xLEb9GtpH3hbnMFGnxH7Vk93ZTre10pJAGNAOi2SyFeiGRIf43g_KKYAv1faaqRelYHz0A2SIBHabJPqEdPN6DIcrVYozBpnI4Wd_bhVw1Ko45aLd_ME2HWk7f7qoiMpStxPXq0eb6p5kZCfwemHPXz-8L3OMSjbUapE25ZB9R1ZUaezsRW6SE81MCrdamabnlpO85-s-fUsrLDBjNlM1mH1wDQMo8uFHGI2s6UYKbxZC9Z24LIB5674Pvg3hEU5si851kHLIOCs1H6oGSsEdaqgCmdQ728gBJRwpYegy4vPM5fywfAUNr4TuFB5LMav6eBxwpPRm-NLkpFAO5g9F3Mvihmw3q1lBScrJ9Z4EWZy3Gt6eZmdZ-oyV2gxJsyPGWrBku5cIsf3NwM-gZFxBfDzSBTi7thWrtW5pTKugH14x0TxZYpzqRLAYF-MC5zTabYg1-H7koxgLogd_mXTl1iSabx6Obl5oxXGBH9qBA9y62WCj9zaCyuQeyoRYkS6DqhfDNWLEYBbLXwx7TD9XXXN1CR3lF5GzW_qSBhnsh1N8fxRLNlzTVbHq_bWI2SyheowCR4O5YbvP3RzaGFflwXoTbkmQeczL4zmgect4xqEI7LocRX7ZZSHMKoHlJfc6UMyLiYleP9AeNrnO9FwrLthwsgz5AORiDOlV_iwachus_8E6jZRGK73vzA8YpNWc7P3-NqpLjxB2raALru0WxrGENBtRMW7r-wQCoryddDqx7lGvl7DZ3PsVdIhy44F6-Uwz_maRXLdNERLrLfCpRtb50rTuFWmP_1c0im0hO56LOECpsbp8HW8yTcGye5GlLARFo0-MbULiPm-Q5IO8tka0O3JC5bjKQJxB6x7JF2nWcWdYtLa-fKmxfhmJmMH6t04dYheFp40UXYtjUdp3fdf4ttdanqnv3l_2JZZmQuT0D9SWq-SrLsIrd8SoleUs6GKJQUkCSyhwVi_jx9o74Yy6UDCeLPMvwO5fioRPN-xFDJ1tBHE5NoEQNCZdUcvGlccH2Clzd-6mC5--K9Tz-UGxjApT0zyWe3-ZZnUJRYHWoy6hPB-cmaERtH3g91e91zAv2aYA3rUBpjMWKGCh7R_itporGg1jUmbeAkievYNyTqU9opYK5o3BpC7jqwFLE-2la4cwncIu-V9vs5Pkgzds7vMVof8nCvaWI01_tEFuus-X7vThTiovYzI43zay-zMzXZTb4Rf_C1ART_Uv3hzCR8BZG69wZj5LYtl5BrASLdRHxA77uGtGuKC_IyEXWakcKsFwd6eV1eLlFmXFZKaKS7-z_zz5y0PXrQQ_JcdS5PhiWyMGT3qhaiufPTAW0JnysSL4iB-vKJICduVdH7kBLQ8kTwTum95SVXAcBpubv6YblbwTrsw6DC70AsDrl4b5OzaMD1wft1dgx0nGfEqvQ7V1x4DYNIy9jpq15HevQ1xTwBQD0gcWdrjlc0Yc_kx6UIiY0NzwVNQ23pBTiL2fTcZ18nKfnpViFCvrOerZcdYMTvScoX6RM9Oze09TwI7Nk04mqB5iDDrlJCakdZRpJpgkfIG7Jc4TD7FwxeRCTEdpCM4Va0HM4iiOuXION8W6UTFt88edc5e7tG_9HTDU6ltuc5AdO0l2Kg1pXj9QLA-toHJZq6qc8H6JKGjAdmwOt-2GIynd12SPGHpy74N4YxG9lGvLM8uYLEXTltYIcSD6bgteUbDWzuSCwCVZVw5L3mVYTtdyUT1Kfu-QQdqPT64sO7hc_XYtZgmvwgk_5338QOZXDAEdJX7eQo4HI18QXH9EEX0mnsWsKEfHVMwxWa02uJkF-WCG2mzbOxOSJzMrqCbaSfz5dpcKmWS8UBHPUYd_kJe38MzHb_OysLME-S-TvQEr_i9cAXKBn8wycVyZ4N2_l8mgNntyfEUedW-ea9Om9CPiP3YAFn4-sn9ErEen0ow5B4afOJeIu76le-HV7tlFjSNr-wgYuZgELoEll-WutC9cX0iKz99F1fXon7g2cnkyV3Jw7izxSsGOFkjUD3eiE1jmdZMiwJc5O-ls_cV93GDgE_LbgAX0q7D6VnLFbmAVgD88DTA3PNBTBqHMjqXhbKvoFi6rCMUXBCEdl_hE3jOEWpIxrKr0FSs_uvthK1kuJNt9ThxPEJh-isk-0Nn75euHzBKE_qFbBp1V35YXRODp3gtn8tL8inwKQqv_dwimN6TZ62_V2_SVuBzbn6yLeM-pxXLKedLBxilp6Zeiy93f3jCd-q4Jh2DDX3SfMy4QeIXopoqgt1TyAM24IqqXmKmLpn5ax8cq1-BLcpMoijsykLQuLa--RbSGWvrC0oQgS8mkdBtXOFkbbwBvfmEdZ3S0KEVZA9GAOFa0EhohgMsJP8Jl_fmF4Og2T8IHdDVmqBMvqcMo838y28Y3XnP1QhzURjaSYFhkT3O8eoOYDq2gXcj6vgGmTyrLxJq0GLx2kN2_F-Hp55Y5t67TZwi4HRf4XhZE4C8VnDX0DWg13eIn1_Ftcaa7q8AzAEfD0kyBOP1WZNZVBSLFPdCYR-mGcUtg3_lbACYlZKN0LiugO8ElzXio6f7ReygRlMxudjdLP-igG0CrglDoRBmxuah0YaLmUCxpBCAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6NgAQ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:17:26 GMT content-encoding gzip x-content-type-options nosniff age 268 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8593 x-xss-protection 0 server cafe etag 3013172215444160546 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:17:26 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 8858	8 KB 3 KB	10ms 7ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp.js Requested by Host: bid.g.doubleclick.net URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWDJZhe6dM9mTVBKiV07oOcXjmL2anLnIVrnL7kpn5xcVcbup4&d=CnkAoCZ_4H2dkuv7mXl5y_oy52bxfmD8F2km1XqHvf1-B4_zsqVA4TqKAq8Kib4BhVqay4PyPyaE5tw7rH_smbzvcw-ayGsUi5VN8ZB4PHbN20wjEak2RgnM1sdWn0G0WILsTEoTMblbmFb1jn9LWa5djkrwCzmyZpiNEpkSAKAmf-AAzzS6t8Vgss-wKUMXFbHbib7sYayVoJy8tlKfs5LhwmRvu4mLALnC_ZSZXB3SjxC28eqqw4YJW9IQ-LerNp3an9IuDkzpd4vvR4zyBp2MyovwYv4wRsg3fkQbC46aIfxtysZcYQX5U0_b3rY3F0Z_nTM0GF3vzb_iLNBUC7yZGcg3OiPRdSlMw9MT2WimFdwtTElY1peMzfCniM7jOjsHfl_gMdLoxsr1LBwrWoQu3Y5p86No2I4fQ9Q4v3v5oAAEKS0PXYcX-FiLEPgMtjVfB6hIUjWwt0smExB0WcPq0g1cl_nb1--Z0uB9LkO6_vBUe6aQTk-X71zTc060TL5PsPvEn2mhzyL-I8mnWa7TNmYiwG-vdcyJeH1xX7JyGStyEfhr_0SKPXQpSKE7Mm4Z-uu4kaftkEE7xZHhqAfzpcumhOdeKFCRN1iSmaDVU-K3jlA-uW2XGbsx3et03KiGBrcrwja0h0xLEb9GtpH3hbnMFGnxH7Vk93ZTre10pJAGNAOi2SyFeiGRIf43g_KKYAv1faaqRelYHz0A2SIBHabJPqEdPN6DIcrVYozBpnI4Wd_bhVw1Ko45aLd_ME2HWk7f7qoiMpStxPXq0eb6p5kZCfwemHPXz-8L3OMSjbUapE25ZB9R1ZUaezsRW6SE81MCrdamabnlpO85-s-fUsrLDBjNlM1mH1wDQMo8uFHGI2s6UYKbxZC9Z24LIB5674Pvg3hEU5si851kHLIOCs1H6oGSsEdaqgCmdQ728gBJRwpYegy4vPM5fywfAUNr4TuFB5LMav6eBxwpPRm-NLkpFAO5g9F3Mvihmw3q1lBScrJ9Z4EWZy3Gt6eZmdZ-oyV2gxJsyPGWrBku5cIsf3NwM-gZFxBfDzSBTi7thWrtW5pTKugH14x0TxZYpzqRLAYF-MC5zTabYg1-H7koxgLogd_mXTl1iSabx6Obl5oxXGBH9qBA9y62WCj9zaCyuQeyoRYkS6DqhfDNWLEYBbLXwx7TD9XXXN1CR3lF5GzW_qSBhnsh1N8fxRLNlzTVbHq_bWI2SyheowCR4O5YbvP3RzaGFflwXoTbkmQeczL4zmgect4xqEI7LocRX7ZZSHMKoHlJfc6UMyLiYleP9AeNrnO9FwrLthwsgz5AORiDOlV_iwachus_8E6jZRGK73vzA8YpNWc7P3-NqpLjxB2raALru0WxrGENBtRMW7r-wQCoryddDqx7lGvl7DZ3PsVdIhy44F6-Uwz_maRXLdNERLrLfCpRtb50rTuFWmP_1c0im0hO56LOECpsbp8HW8yTcGye5GlLARFo0-MbULiPm-Q5IO8tka0O3JC5bjKQJxB6x7JF2nWcWdYtLa-fKmxfhmJmMH6t04dYheFp40UXYtjUdp3fdf4ttdanqnv3l_2JZZmQuT0D9SWq-SrLsIrd8SoleUs6GKJQUkCSyhwVi_jx9o74Yy6UDCeLPMvwO5fioRPN-xFDJ1tBHE5NoEQNCZdUcvGlccH2Clzd-6mC5--K9Tz-UGxjApT0zyWe3-ZZnUJRYHWoy6hPB-cmaERtH3g91e91zAv2aYA3rUBpjMWKGCh7R_itporGg1jUmbeAkievYNyTqU9opYK5o3BpC7jqwFLE-2la4cwncIu-V9vs5Pkgzds7vMVof8nCvaWI01_tEFuus-X7vThTiovYzI43zay-zMzXZTb4Rf_C1ART_Uv3hzCR8BZG69wZj5LYtl5BrASLdRHxA77uGtGuKC_IyEXWakcKsFwd6eV1eLlFmXFZKaKS7-z_zz5y0PXrQQ_JcdS5PhiWyMGT3qhaiufPTAW0JnysSL4iB-vKJICduVdH7kBLQ8kTwTum95SVXAcBpubv6YblbwTrsw6DC70AsDrl4b5OzaMD1wft1dgx0nGfEqvQ7V1x4DYNIy9jpq15HevQ1xTwBQD0gcWdrjlc0Yc_kx6UIiY0NzwVNQ23pBTiL2fTcZ18nKfnpViFCvrOerZcdYMTvScoX6RM9Oze09TwI7Nk04mqB5iDDrlJCakdZRpJpgkfIG7Jc4TD7FwxeRCTEdpCM4Va0HM4iiOuXION8W6UTFt88edc5e7tG_9HTDU6ltuc5AdO0l2Kg1pXj9QLA-toHJZq6qc8H6JKGjAdmwOt-2GIynd12SPGHpy74N4YxG9lGvLM8uYLEXTltYIcSD6bgteUbDWzuSCwCVZVw5L3mVYTtdyUT1Kfu-QQdqPT64sO7hc_XYtZgmvwgk_5338QOZXDAEdJX7eQo4HI18QXH9EEX0mnsWsKEfHVMwxWa02uJkF-WCG2mzbOxOSJzMrqCbaSfz5dpcKmWS8UBHPUYd_kJe38MzHb_OysLME-S-TvQEr_i9cAXKBn8wycVyZ4N2_l8mgNntyfEUedW-ea9Om9CPiP3YAFn4-sn9ErEen0ow5B4afOJeIu76le-HV7tlFjSNr-wgYuZgELoEll-WutC9cX0iKz99F1fXon7g2cnkyV3Jw7izxSsGOFkjUD3eiE1jmdZMiwJc5O-ls_cV93GDgE_LbgAX0q7D6VnLFbmAVgD88DTA3PNBTBqHMjqXhbKvoFi6rCMUXBCEdl_hE3jOEWpIxrKr0FSs_uvthK1kuJNt9ThxPEJh-isk-0Nn75euHzBKE_qFbBp1V35YXRODp3gtn8tL8inwKQqv_dwimN6TZ62_V2_SVuBzbn6yLeM-pxXLKedLBxilp6Zeiy93f3jCd-q4Jh2DDX3SfMy4QeIXopoqgt1TyAM24IqqXmKmLpn5ax8cq1-BLcpMoijsykLQuLa--RbSGWvrC0oQgS8mkdBtXOFkbbwBvfmEdZ3S0KEVZA9GAOFa0EhohgMsJP8Jl_fmF4Og2T8IHdDVmqBMvqcMo838y28Y3XnP1QhzURjaSYFhkT3O8eoOYDq2gXcj6vgGmTyrLxJq0GLx2kN2_F-Hp55Y5t67TZwi4HRf4XhZE4C8VnDX0DWg13eIn1_Ftcaa7q8AzAEfD0kyBOP1WZNZVBSLFPdCYR-mGcUtg3_lbACYlZKN0LiugO8ElzXio6f7ReygRlMxudjdLP-igG0CrglDoRBmxuah0YaLmUCxpBCAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6NgAQ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:20:00 GMT content-encoding gzip x-content-type-options nosniff age 114 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:20:00 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 8858	0 528 B	161ms 55ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3X457ASAiXD01oAPWLCG-9xxwpZpooGlmjUFJGa1spgaW8iFPsK_kgIU6hAu58cBXaAKuV6c3Y2H7wJ96CP89VTldtg4Zog_ot74orrCJxoJc66pJfVfVaBxZuMS4Ldjj-NhJzLvTLKmSypCbzUXakxJJAfBy_d4z2C_rDKU&sai=AMfl-YRgwNa1GUc3K6eKg0YWe-x5OUv5jrhXo2ooZvFQBTKWPtaRpE9g7G1PQQjGR0bOWdhiBnefb1uxH8j_Bt2ueg7Gg6t15DSJRm8sNue8u5U9NmjTBmwAmvLe7UqfNw&sig=Cg0ArKJSzOIFNODxGzkdEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210517.77868&adurl= Requested by Host: bid.g.doubleclick.net URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWDJZhe6dM9mTVBKiV07oOcXjmL2anLnIVrnL7kpn5xcVcbup4&d=CnkAoCZ_4H2dkuv7mXl5y_oy52bxfmD8F2km1XqHvf1-B4_zsqVA4TqKAq8Kib4BhVqay4PyPyaE5tw7rH_smbzvcw-ayGsUi5VN8ZB4PHbN20wjEak2RgnM1sdWn0G0WILsTEoTMblbmFb1jn9LWa5djkrwCzmyZpiNEpkSAKAmf-AAzzS6t8Vgss-wKUMXFbHbib7sYayVoJy8tlKfs5LhwmRvu4mLALnC_ZSZXB3SjxC28eqqw4YJW9IQ-LerNp3an9IuDkzpd4vvR4zyBp2MyovwYv4wRsg3fkQbC46aIfxtysZcYQX5U0_b3rY3F0Z_nTM0GF3vzb_iLNBUC7yZGcg3OiPRdSlMw9MT2WimFdwtTElY1peMzfCniM7jOjsHfl_gMdLoxsr1LBwrWoQu3Y5p86No2I4fQ9Q4v3v5oAAEKS0PXYcX-FiLEPgMtjVfB6hIUjWwt0smExB0WcPq0g1cl_nb1--Z0uB9LkO6_vBUe6aQTk-X71zTc060TL5PsPvEn2mhzyL-I8mnWa7TNmYiwG-vdcyJeH1xX7JyGStyEfhr_0SKPXQpSKE7Mm4Z-uu4kaftkEE7xZHhqAfzpcumhOdeKFCRN1iSmaDVU-K3jlA-uW2XGbsx3et03KiGBrcrwja0h0xLEb9GtpH3hbnMFGnxH7Vk93ZTre10pJAGNAOi2SyFeiGRIf43g_KKYAv1faaqRelYHz0A2SIBHabJPqEdPN6DIcrVYozBpnI4Wd_bhVw1Ko45aLd_ME2HWk7f7qoiMpStxPXq0eb6p5kZCfwemHPXz-8L3OMSjbUapE25ZB9R1ZUaezsRW6SE81MCrdamabnlpO85-s-fUsrLDBjNlM1mH1wDQMo8uFHGI2s6UYKbxZC9Z24LIB5674Pvg3hEU5si851kHLIOCs1H6oGSsEdaqgCmdQ728gBJRwpYegy4vPM5fywfAUNr4TuFB5LMav6eBxwpPRm-NLkpFAO5g9F3Mvihmw3q1lBScrJ9Z4EWZy3Gt6eZmdZ-oyV2gxJsyPGWrBku5cIsf3NwM-gZFxBfDzSBTi7thWrtW5pTKugH14x0TxZYpzqRLAYF-MC5zTabYg1-H7koxgLogd_mXTl1iSabx6Obl5oxXGBH9qBA9y62WCj9zaCyuQeyoRYkS6DqhfDNWLEYBbLXwx7TD9XXXN1CR3lF5GzW_qSBhnsh1N8fxRLNlzTVbHq_bWI2SyheowCR4O5YbvP3RzaGFflwXoTbkmQeczL4zmgect4xqEI7LocRX7ZZSHMKoHlJfc6UMyLiYleP9AeNrnO9FwrLthwsgz5AORiDOlV_iwachus_8E6jZRGK73vzA8YpNWc7P3-NqpLjxB2raALru0WxrGENBtRMW7r-wQCoryddDqx7lGvl7DZ3PsVdIhy44F6-Uwz_maRXLdNERLrLfCpRtb50rTuFWmP_1c0im0hO56LOECpsbp8HW8yTcGye5GlLARFo0-MbULiPm-Q5IO8tka0O3JC5bjKQJxB6x7JF2nWcWdYtLa-fKmxfhmJmMH6t04dYheFp40UXYtjUdp3fdf4ttdanqnv3l_2JZZmQuT0D9SWq-SrLsIrd8SoleUs6GKJQUkCSyhwVi_jx9o74Yy6UDCeLPMvwO5fioRPN-xFDJ1tBHE5NoEQNCZdUcvGlccH2Clzd-6mC5--K9Tz-UGxjApT0zyWe3-ZZnUJRYHWoy6hPB-cmaERtH3g91e91zAv2aYA3rUBpjMWKGCh7R_itporGg1jUmbeAkievYNyTqU9opYK5o3BpC7jqwFLE-2la4cwncIu-V9vs5Pkgzds7vMVof8nCvaWI01_tEFuus-X7vThTiovYzI43zay-zMzXZTb4Rf_C1ART_Uv3hzCR8BZG69wZj5LYtl5BrASLdRHxA77uGtGuKC_IyEXWakcKsFwd6eV1eLlFmXFZKaKS7-z_zz5y0PXrQQ_JcdS5PhiWyMGT3qhaiufPTAW0JnysSL4iB-vKJICduVdH7kBLQ8kTwTum95SVXAcBpubv6YblbwTrsw6DC70AsDrl4b5OzaMD1wft1dgx0nGfEqvQ7V1x4DYNIy9jpq15HevQ1xTwBQD0gcWdrjlc0Yc_kx6UIiY0NzwVNQ23pBTiL2fTcZ18nKfnpViFCvrOerZcdYMTvScoX6RM9Oze09TwI7Nk04mqB5iDDrlJCakdZRpJpgkfIG7Jc4TD7FwxeRCTEdpCM4Va0HM4iiOuXION8W6UTFt88edc5e7tG_9HTDU6ltuc5AdO0l2Kg1pXj9QLA-toHJZq6qc8H6JKGjAdmwOt-2GIynd12SPGHpy74N4YxG9lGvLM8uYLEXTltYIcSD6bgteUbDWzuSCwCVZVw5L3mVYTtdyUT1Kfu-QQdqPT64sO7hc_XYtZgmvwgk_5338QOZXDAEdJX7eQo4HI18QXH9EEX0mnsWsKEfHVMwxWa02uJkF-WCG2mzbOxOSJzMrqCbaSfz5dpcKmWS8UBHPUYd_kJe38MzHb_OysLME-S-TvQEr_i9cAXKBn8wycVyZ4N2_l8mgNntyfEUedW-ea9Om9CPiP3YAFn4-sn9ErEen0ow5B4afOJeIu76le-HV7tlFjSNr-wgYuZgELoEll-WutC9cX0iKz99F1fXon7g2cnkyV3Jw7izxSsGOFkjUD3eiE1jmdZMiwJc5O-ls_cV93GDgE_LbgAX0q7D6VnLFbmAVgD88DTA3PNBTBqHMjqXhbKvoFi6rCMUXBCEdl_hE3jOEWpIxrKr0FSs_uvthK1kuJNt9ThxPEJh-isk-0Nn75euHzBKE_qFbBp1V35YXRODp3gtn8tL8inwKQqv_dwimN6TZ62_V2_SVuBzbn6yLeM-pxXLKedLBxilp6Zeiy93f3jCd-q4Jh2DDX3SfMy4QeIXopoqgt1TyAM24IqqXmKmLpn5ax8cq1-BLcpMoijsykLQuLa--RbSGWvrC0oQgS8mkdBtXOFkbbwBvfmEdZ3S0KEVZA9GAOFa0EhohgMsJP8Jl_fmF4Og2T8IHdDVmqBMvqcMo838y28Y3XnP1QhzURjaSYFhkT3O8eoOYDq2gXcj6vgGmTyrLxJq0GLx2kN2_F-Hp55Y5t67TZwi4HRf4XhZE4C8VnDX0DWg13eIn1_Ftcaa7q8AzAEfD0kyBOP1WZNZVBSLFPdCYR-mGcUtg3_lbACYlZKN0LiugO8ElzXio6f7ReygRlMxudjdLP-igG0CrglDoRBmxuah0YaLmUCxpBCAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6NgAQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	CV_Programmatic_Open_Exchange_line_KF-1200zl_CS_300x250_CT_BAN.jpg s0.2mdn.net/6494366/ Frame 8858	28 KB 28 KB	33ms 7ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/6494366/CV_Programmatic_Open_Exchange_line_KF-1200zl_CS_300x250_CT_BAN.jpg Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5ff5527d250f80a7c83fdf48012fd42b97da1b1f4f9125b6dae84420e84f4e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 11:54:54 GMT x-content-type-options nosniff last-modified Fri, 30 Apr 2021 18:58:31 GMT server sffe age 66420 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28913 x-xss-protection 0 expires Tue, 25 May 2021 11:54:54 GMT
GET H3-29	200	B25532459.299143632;dc_pre=CNWFh9eY5PACFVaFgwcde7cCoA;dc_trk_aid=491933801;dc_trk_cid=148122211;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= ad.doubleclick.net/ddm/trackimp/N778259.279382INVITEMEDIAINC.DON/ Frame 8858 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N778259.279382INVITEMEDIAINC.DON/B25532459.299143632;dc_trk_aid=491933801;dc_trk_cid=148122211;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm... https://ad.doubleclick.net/ddm/trackimp/N778259.279382INVITEMEDIAINC.DON/B25532459.299143632;dc_pre=CNWFh9eY5PACFVaFgwcde7cCoA;dc_trk_aid=491933801;dc_trk_cid=148122211;ord=[timestamp];dc_lat=;dc_r...	42 B 63 B	125ms 68ms	Image image/gif	172.217.16.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N778259.279382INVITEMEDIAINC.DON/B25532459.299143632;dc_pre=CNWFh9eY5PACFVaFgwcde7cCoA;dc_trk_aid=491933801;dc_trk_cid=148122211;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement%22 Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.134 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 location https://ad.doubleclick.net/ddm/trackimp/N778259.279382INVITEMEDIAINC.DON/B25532459.299143632;dc_pre=CNWFh9eY5PACFVaFgwcde7cCoA;dc_trk_aid=491933801;dc_trk_cid=148122211;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?%22BORDER=%220%22HEIGHT=%221%22WIDTH=%221%22ALT=%22Advertisement%22 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	dacia_300x250.html Show response s0.2mdn.net/9419156/1620658408223/ Frame 1592	7 KB 2 KB	15ms 7ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c2b082193e98c9eb1ad587e4d467799b7b2dfe59c287473499843c9e627c528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /9419156/1620658408223/dacia_300x250.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 2497 date Mon, 24 May 2021 16:52:26 GMT expires Tue, 25 May 2021 16:52:26 GMT last-modified Mon, 10 May 2021 14:53:28 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 48568 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 26BD	0 107 B	141ms 62ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssn5o9nW_GlvYUqE_LTHLypY8SG7wQBiNl4iT2-Cn3vizvwFOXfhrciRkDaNl-QyuysCO0CYOmcyIbOzeW48Gx5xTSItu70GYBI8cYmAUYXZMnU3KzmQYlu-9jRfGW6kBuZeLzRmZswoeMgRWbq1P5Rl702ldkJkzC73Ofj3XWfZhbpKiiUQrz-mkdRlNWOmtdzq213l19XwJ352TWnKvQ56om_pgc6L53DaQI00po7MOYOfEDFBew_m8HBPDhJVD97yTr23JL1jLrr28Q1NmIBysXrvYdWD89F0v5jt6hLI2muKS2V7yijUmF_BnMYd0VZDt0MODiBt3WXsweOSfpZFCXf6QRzZOwa8W5EtPM7vptKvEVoyP_WMinxvwaL7KlVC3YfKH5RKZQFgBjsLW3q53B2Lk1FkJ-3w1i_A8PCzOv_rW_4ilFrT795JRxKOewIvKvx9shQg8-HQlYMy--8AEP0ilt27TqYXIUct5Uf-tFb0WFAttSQT0P0JaNrKedXU0t9ePaejjYkW6RBfIxwU0KzOR917_XuEPph3dcVsnUubu5Si_tsgzAAqh12H6DAEGMHWFdhMFsJVMcYZZPd1-x4rFZVVATt5s8XIbpaJIO4Fx9vlIJbpMxEbAb7s8rGmBJUvazYB-3Vx22ZcXmrhUVPQ36zdC3v7VWg7EjlkS8vGz6tL9XH9ldb1L1y4t2NhMQhWZs4I14iLxx_JcJPrMK-YgLJ8ekBtLOTqqMwd09x4AAjvlPqplosmxZYVuruzyQIiVMbFVjtc90tIEEcNrpyshBEvuuAQa2xH7a894P3yaR9aFpMpro0gutR0jJsTmb0MIMD_BTUKNU1QelcoF6O8asjFnhVzdV2PKxE3QL0pyvS3IIKeaUxYmUGDPO5MlN_C7zjOBHRV-grT4BKIj3icvU2veTO_9ghyIlW4RCq7YN8kz9FlDUKmpKzUI8PPAuQraX9-XroToj6JuDg98mLKNkuxPMST_1PnQ5gZ17O0RfA8rKakczcfAHqNymfRhuHnMa5PSMBLyPSNDBhiJKNSF7R_wn_8Xwv7l4a1uB6RNjHwB4KmqRjTpZkhwwmephGzpOXL8kJdSr8f83dr2-Xo6j3yZdWupMpoLpRBm9sxZ14e9ZJ88XY8ygGpldhPlcSFSltwUa5hrt_83RW0ENOmp9fkc24C67yYIMaDjQi4Xy4xseALAPvWKY3rL3yzZtzrqCZ&sai=AMfl-YQysNFWL2v5OpDDs3gDuNACSREfiQB1EelYxp1yaCrGOPXpar0beXeVxpttnEsyII_gN0j_KKq_XFz6bMRYrKq8g9xlljpWT95NKVPCCfk4xwMRU5GnvqNKLXkNr1fJIwPYRb5Mgd-3VgougBlOfOr7H2kSAHWt61tB2zoyD_ePy2UPUIdOaL38AqV_S1bAPRDxRK-5nKOoSYSipjzBTmFD37ZORCUWLdNHdZwJ_Q&sig=Cg0ArKJSzJGS0OkOp3nlEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=117&cbvp=1&cstd=113&cisv=r20210517.23724&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 25 May 2021 06:21:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 26BD	41 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 18:00:25 GMT content-encoding gzip x-content-type-options nosniff age 44489 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 18:00:25 GMT
GET DATA	200 OK	truncated / Frame 26BD	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eba078c9e7c8f0bf3579a0f25035a700ca155a8095779f54298e71b13e472805 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame BE24 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1	43 B 1014 B	86ms 61ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNUe2m6KtEWzITq-eO8RmD3cTqsnisrm9oI8vkisM7Nk-H2N5S6O-8_WqIw0qsiczIcnqhBsRtoqaM2Osch4p8jtplYaR37wiLOtEJyse5W5e4RlU7NDPfrDyTt1QJXYCBIwGg5zNtDKcECupacW8AOw-WuiyLjTcl4KTLf4z0qOD-DfFz8GYfg1iZs-jImcsJdqxHVJBxZhSKJTaiTBR_wlVriE-n2krcYT_O_I2L2Q2ovrqzo Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:55 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame BE24 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXgu2AWSiMrcp70XHXXgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1	43 B 894 B	59ms 59ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNUe2m6KtEWzITq-eO8RmD3cTqsnisrm9oI8vkisM7Nk-H2N5S6O-8_WqIw0qsiczIcnqhBsRtoqaM2Osch4p8jtplYaR37wiLOtEJyse5W5e4RlU7NDPfrDyTt1QJXYCBIwGg5zNtDKcECupacW8AOw-WuiyLjTcl4KTLf4z0qOD-DfFz8GYfg1iZs-jImcsJdqxHVJBxZhSKJTaiTBR_wlVriE-n2krcYT_O_I2L2Q2ovrqzo Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:55 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMsHljaboq3gYPxkOeY3X0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame BE24 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEKacxnuH9AHQ__R7wU3Dk7M&google_cver=1	43 B 1023 B	64ms 47ms	Image image/gif	185.33.221.91 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEKacxnuH9AHQ__R7wU3Dk7M&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNUe2m6KtEWzITq-eO8RmD3cTqsnisrm9oI8vkisM7Nk-H2N5S6O-8_WqIw0qsiczIcnqhBsRtoqaM2Osch4p8jtplYaR37wiLOtEJyse5W5e4RlU7NDPfrDyTt1QJXYCBIwGg5zNtDKcECupacW8AOw-WuiyLjTcl4KTLf4z0qOD-DfFz8GYfg1iZs-jImcsJdqxHVJBxZhSKJTaiTBR_wlVriE-n2krcYT_O_I2L2Q2ovrqzo Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.151:80 AN-X-Request-Uuid 68f4987b-9ea3-4697-9825-5077beb408b7 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:54 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEKacxnuH9AHQ__R7wU3Dk7M&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame BE24 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTIzMzUzNDc3MDkyNjQ1Mw%3D%3D	170 B 188 B	51ms 51ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTIzMzUzNDc3MDkyNjQ1Mw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTcoQIQ87SoAhjY0-eoATAB&v=APEucNUe2m6KtEWzITq-eO8RmD3cTqsnisrm9oI8vkisM7Nk-H2N5S6O-8_WqIw0qsiczIcnqhBsRtoqaM2Osch4p8jtplYaR37wiLOtEJyse5W5e4RlU7NDPfrDyTt1QJXYCBIwGg5zNtDKcECupacW8AOw-WuiyLjTcl4KTLf4z0qOD-DfFz8GYfg1iZs-jImcsJdqxHVJBxZhSKJTaiTBR_wlVriE-n2krcYT_O_I2L2Q2ovrqzo Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 06:21:55 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.176:80 AN-X-Request-Uuid 35b1d5a3-c46e-44cb-b344-5930eeb504d1 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI4NTIzMzUzNDc3MDkyNjQ1Mw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 059F	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 24 May 2021 18:00:25 GMT expires Tue, 24 May 2022 18:00:25 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 44489 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	dacia_300x250.html Show response s0.2mdn.net/9419156/1620658408223/ Frame 40A5	7 KB 2 KB	8ms 6ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c2b082193e98c9eb1ad587e4d467799b7b2dfe59c287473499843c9e627c528 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /9419156/1620658408223/dacia_300x250.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 2497 date Mon, 24 May 2021 16:52:26 GMT expires Tue, 25 May 2021 16:52:26 GMT last-modified Mon, 10 May 2021 14:53:28 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 48568 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 6E2C	0 61 B	103ms 62ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHCDPfGtCu3TXZoizl3fXhzSIY92d2g3hg_d81GPN-DSFFxL5IH29WBDlMl-jwdYAnQvlcmawRKoJ1sDENnFT10fXrtheW1AAiO0o8zWrlWukfk8dPRmlIvXvEGtlJ1v4V_dizIGam2KX1wuA9czZbtz_vD_lU3mrTsJhnCAk35j94xN1g3axmFr3JTikh2Ff1xMclUf0K2T-4xk3CzeeGrzq3FwiKwSMZhU4edXj-yQV_80YZEdF50BJpRatZOb_dv9C1evxxIHcouXplg__tN26gfVwlkoCGq2k2X5rlEOGH6yG6JOGSR5E-B6DrnjO3noQ-A2UxuP-QYqCAQ8NxmPp8zdIkA-jjeKf9mgKjfcyDI7bkaSTeoDeSNUEifpqjBrf6xnxIYkI1k6k5l7xNVkzi4u5hcyOsJOLQYMwP9W_SLsb5NeWQlfvB9YWsjqU_QV5csx-YxPeP7DWyFCFfUcW9vNK-JCZtijkZtJrSBqZ6qPES47EsIPWnur3gh5-lV5vD33ZEnHBwi_a0TPiB_19Ts_1gYyl-aJ1hnYbb5Rlym7vFZMqqKMPdvs51PJwvz5rsAfdrQe7Huu87Pzkt2nPveGG3gbY74cU4fOEw2afQvA46M4wxoPX3f46mZcm9dibjFGA86zr4JTw0d-x3amdnnFf2OlrJI0lvUBK5OMj_kkFI5CCOUkqHJ9AQUs0qKPJL0TlIiBBi2uzY_Ndjek3fW5oiWf6eiukIXncrD4kKaiwlY5SdsEMMkggIg4G3CAIUd5dOSwix0CDSNdedOQ9m7S8ot-g4-axP2zsckDRoJ2QEHBJVafb87iqhVXjEbmOqYZbYS7_rHwIxlh2YraGF8d9pRYSbX0zayoCdQvG11qX3icaSmW1JS5fvFwbHKjxb-lxF00Hksz2jWrFmGXIq_HQKl4vUF6v05QodkV2c9a9AgYjQL-mtRwJHHj8oWynUZFOfjORoPjAhYxyHwifKTsHs0YubYi51um5An3xOBFVwVnsw8CbSKdhMhKWQCrteWrvNwaI2ZCuL6R4eUOzfQiX_IQ97xsAavWIy1FmNx_RNSI3LlaJbjwI5w-BwvfzXwVSI1mNyOca-cow-Y74OsBzH7KzntDZHj8cuwSCYrECuO6LWtpKR06cfNYYUHezSFrjhBSFjBuh7IbeZwppu_yOL4VGkbtedQAJpSzhd6JSNBeJ8cS-co5yXSTIHpNj2InEWzMmZ8A&sai=AMfl-YRqa_YhsunmW5ZXBksSFO8REOYZJx71OfTawph01DZrtlBnws8eyITahZZvvetIUn3YmOMU2UkCoc_aMtz52Hb7T5GyIUrAXmFoxxZMcJ8lvtkCWAxNy4PJlRB-7TDtIOwlDDGb0Ef60PksDjoKG0dO_Y8Su8jWUnGhHZt2OzYWq_GYJaTkGWl-6sqC5MPiPhmvaMO6BHB8AnZcErbh0t1CoUxqA5ZtfuzbhGzjsQ&sig=Cg0ArKJSzAnRjGQE3AtVEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=310&cbvp=1&cstd=308&cisv=r20210517.99647&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 25 May 2021 06:21:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 8858	0 60 B	69ms 56ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst3X457ASAiXD01oAPWLCG-9xxwpZpooGlmjUFJGa1spgaW8iFPsK_kgIU6hAu58cBXaAKuV6c3Y2H7wJ96CP89VTldtg4Zog_ot74orrCJxoJc66pJfVfVaBxZuMS4Ldjj-NhJzLvTLKmSypCbzUXakxJJAfBy_d4z2C_rDKU&sai=AMfl-YRgwNa1GUc3K6eKg0YWe-x5OUv5jrhXo2ooZvFQBTKWPtaRpE9g7G1PQQjGR0bOWdhiBnefb1uxH8j_Bt2ueg7Gg6t15DSJRm8sNue8u5U9NmjTBmwAmvLe7UqfNw&sig=Cg0ArKJSzOIFNODxGzkdEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=95&vt=11&dtpt=94&dett=2&cstd=0&cisv=r20210517.77868&adurl= Requested by Host: bid.g.doubleclick.net URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWDJZhe6dM9mTVBKiV07oOcXjmL2anLnIVrnL7kpn5xcVcbup4&d=CnkAoCZ_4H2dkuv7mXl5y_oy52bxfmD8F2km1XqHvf1-B4_zsqVA4TqKAq8Kib4BhVqay4PyPyaE5tw7rH_smbzvcw-ayGsUi5VN8ZB4PHbN20wjEak2RgnM1sdWn0G0WILsTEoTMblbmFb1jn9LWa5djkrwCzmyZpiNEpkSAKAmf-AAzzS6t8Vgss-wKUMXFbHbib7sYayVoJy8tlKfs5LhwmRvu4mLALnC_ZSZXB3SjxC28eqqw4YJW9IQ-LerNp3an9IuDkzpd4vvR4zyBp2MyovwYv4wRsg3fkQbC46aIfxtysZcYQX5U0_b3rY3F0Z_nTM0GF3vzb_iLNBUC7yZGcg3OiPRdSlMw9MT2WimFdwtTElY1peMzfCniM7jOjsHfl_gMdLoxsr1LBwrWoQu3Y5p86No2I4fQ9Q4v3v5oAAEKS0PXYcX-FiLEPgMtjVfB6hIUjWwt0smExB0WcPq0g1cl_nb1--Z0uB9LkO6_vBUe6aQTk-X71zTc060TL5PsPvEn2mhzyL-I8mnWa7TNmYiwG-vdcyJeH1xX7JyGStyEfhr_0SKPXQpSKE7Mm4Z-uu4kaftkEE7xZHhqAfzpcumhOdeKFCRN1iSmaDVU-K3jlA-uW2XGbsx3et03KiGBrcrwja0h0xLEb9GtpH3hbnMFGnxH7Vk93ZTre10pJAGNAOi2SyFeiGRIf43g_KKYAv1faaqRelYHz0A2SIBHabJPqEdPN6DIcrVYozBpnI4Wd_bhVw1Ko45aLd_ME2HWk7f7qoiMpStxPXq0eb6p5kZCfwemHPXz-8L3OMSjbUapE25ZB9R1ZUaezsRW6SE81MCrdamabnlpO85-s-fUsrLDBjNlM1mH1wDQMo8uFHGI2s6UYKbxZC9Z24LIB5674Pvg3hEU5si851kHLIOCs1H6oGSsEdaqgCmdQ728gBJRwpYegy4vPM5fywfAUNr4TuFB5LMav6eBxwpPRm-NLkpFAO5g9F3Mvihmw3q1lBScrJ9Z4EWZy3Gt6eZmdZ-oyV2gxJsyPGWrBku5cIsf3NwM-gZFxBfDzSBTi7thWrtW5pTKugH14x0TxZYpzqRLAYF-MC5zTabYg1-H7koxgLogd_mXTl1iSabx6Obl5oxXGBH9qBA9y62WCj9zaCyuQeyoRYkS6DqhfDNWLEYBbLXwx7TD9XXXN1CR3lF5GzW_qSBhnsh1N8fxRLNlzTVbHq_bWI2SyheowCR4O5YbvP3RzaGFflwXoTbkmQeczL4zmgect4xqEI7LocRX7ZZSHMKoHlJfc6UMyLiYleP9AeNrnO9FwrLthwsgz5AORiDOlV_iwachus_8E6jZRGK73vzA8YpNWc7P3-NqpLjxB2raALru0WxrGENBtRMW7r-wQCoryddDqx7lGvl7DZ3PsVdIhy44F6-Uwz_maRXLdNERLrLfCpRtb50rTuFWmP_1c0im0hO56LOECpsbp8HW8yTcGye5GlLARFo0-MbULiPm-Q5IO8tka0O3JC5bjKQJxB6x7JF2nWcWdYtLa-fKmxfhmJmMH6t04dYheFp40UXYtjUdp3fdf4ttdanqnv3l_2JZZmQuT0D9SWq-SrLsIrd8SoleUs6GKJQUkCSyhwVi_jx9o74Yy6UDCeLPMvwO5fioRPN-xFDJ1tBHE5NoEQNCZdUcvGlccH2Clzd-6mC5--K9Tz-UGxjApT0zyWe3-ZZnUJRYHWoy6hPB-cmaERtH3g91e91zAv2aYA3rUBpjMWKGCh7R_itporGg1jUmbeAkievYNyTqU9opYK5o3BpC7jqwFLE-2la4cwncIu-V9vs5Pkgzds7vMVof8nCvaWI01_tEFuus-X7vThTiovYzI43zay-zMzXZTb4Rf_C1ART_Uv3hzCR8BZG69wZj5LYtl5BrASLdRHxA77uGtGuKC_IyEXWakcKsFwd6eV1eLlFmXFZKaKS7-z_zz5y0PXrQQ_JcdS5PhiWyMGT3qhaiufPTAW0JnysSL4iB-vKJICduVdH7kBLQ8kTwTum95SVXAcBpubv6YblbwTrsw6DC70AsDrl4b5OzaMD1wft1dgx0nGfEqvQ7V1x4DYNIy9jpq15HevQ1xTwBQD0gcWdrjlc0Yc_kx6UIiY0NzwVNQ23pBTiL2fTcZ18nKfnpViFCvrOerZcdYMTvScoX6RM9Oze09TwI7Nk04mqB5iDDrlJCakdZRpJpgkfIG7Jc4TD7FwxeRCTEdpCM4Va0HM4iiOuXION8W6UTFt88edc5e7tG_9HTDU6ltuc5AdO0l2Kg1pXj9QLA-toHJZq6qc8H6JKGjAdmwOt-2GIynd12SPGHpy74N4YxG9lGvLM8uYLEXTltYIcSD6bgteUbDWzuSCwCVZVw5L3mVYTtdyUT1Kfu-QQdqPT64sO7hc_XYtZgmvwgk_5338QOZXDAEdJX7eQo4HI18QXH9EEX0mnsWsKEfHVMwxWa02uJkF-WCG2mzbOxOSJzMrqCbaSfz5dpcKmWS8UBHPUYd_kJe38MzHb_OysLME-S-TvQEr_i9cAXKBn8wycVyZ4N2_l8mgNntyfEUedW-ea9Om9CPiP3YAFn4-sn9ErEen0ow5B4afOJeIu76le-HV7tlFjSNr-wgYuZgELoEll-WutC9cX0iKz99F1fXon7g2cnkyV3Jw7izxSsGOFkjUD3eiE1jmdZMiwJc5O-ls_cV93GDgE_LbgAX0q7D6VnLFbmAVgD88DTA3PNBTBqHMjqXhbKvoFi6rCMUXBCEdl_hE3jOEWpIxrKr0FSs_uvthK1kuJNt9ThxPEJh-isk-0Nn75euHzBKE_qFbBp1V35YXRODp3gtn8tL8inwKQqv_dwimN6TZ62_V2_SVuBzbn6yLeM-pxXLKedLBxilp6Zeiy93f3jCd-q4Jh2DDX3SfMy4QeIXopoqgt1TyAM24IqqXmKmLpn5ax8cq1-BLcpMoijsykLQuLa--RbSGWvrC0oQgS8mkdBtXOFkbbwBvfmEdZ3S0KEVZA9GAOFa0EhohgMsJP8Jl_fmF4Og2T8IHdDVmqBMvqcMo838y28Y3XnP1QhzURjaSYFhkT3O8eoOYDq2gXcj6vgGmTyrLxJq0GLx2kN2_F-Hp55Y5t67TZwi4HRf4XhZE4C8VnDX0DWg13eIn1_Ftcaa7q8AzAEfD0kyBOP1WZNZVBSLFPdCYR-mGcUtg3_lbACYlZKN0LiugO8ElzXio6f7ReygRlMxudjdLP-igG0CrglDoRBmxuah0YaLmUCxpBCAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6NgAQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 9E7A	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 24 May 2021 18:00:25 GMT expires Tue, 24 May 2022 18:00:25 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 44489 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	main.gr.19.8.201.js Show response static.adsafeprotected.com/ Frame 8858	182 KB 58 KB	199ms 68ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.201.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/rjss/st/720504/54772583/skeleton.js?ias_advId=tn270nDf&ias_campId=v1__amncamid__%ebuy!__49059328&ias_pubId=pub-6396844742497208&ias_chanId=v1__eHzN2tHl__1__${APPNEXUS_AUCTION_ID}__${TRUSTX_AUCTION_ID}__${IX_AID}__${OX_AID}__${PUBMTC_AID}__${RUBI_AID}&ias_placementId=v1__%epid!__549644393847793680__19415562&adsafe_par&ias_impId=ABAjH0gT9f6w6-IYpvn36tA3fYwa Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-95-108.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 2394a068f6af11108e3bb63863e7b222c2540fecd0f25e6ec0a69433c32c0ad9 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT content-encoding gzip last-modified Tue, 18 May 2021 19:58:40 GMT server nginx/1.16.1 etag W/"c1b29b677b41f1652ad8447e08d02f45" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame 8858	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash db3b72f65222917b3fa95516ee16520d91837222d2df5cf958ffc97ca8e550b3 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	createjs_2019.11.15_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 1592	236 KB 63 KB	14ms 13ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64275 x-xss-protection 0 last-modified Fri, 15 Nov 2019 19:16:20 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 06:21:54 GMT
GET H3-29	200	dacia_300x250.js Show response s0.2mdn.net/9419156/1620658408223/ Frame 1592	38 KB 8 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bd1500e9b81156d08c4c3b7c73c4dc5f48ae95e194422219e77833e28cf3eaee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 16:52:26 GMT content-encoding gzip x-content-type-options nosniff age 48568 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8014 x-xss-protection 0 last-modified Mon, 10 May 2021 14:53:28 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Tue, 25 May 2021 16:52:26 GMT
GET H3-29	200	0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response pagead2.googlesyndication.com/bg/ Frame 16A9	14 KB 6 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 18:33:32 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 128902 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5773 x-xss-protection 0 expires Mon, 23 May 2022 18:33:32 GMT
GET H3-29	200	createjs_2019.11.15_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 40A5	236 KB 63 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:54 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64275 x-xss-protection 0 last-modified Fri, 15 Nov 2019 19:16:20 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 06:21:54 GMT
GET H3-29	200	dacia_300x250.js Show response s0.2mdn.net/9419156/1620658408223/ Frame 40A5	38 KB 8 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bd1500e9b81156d08c4c3b7c73c4dc5f48ae95e194422219e77833e28cf3eaee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 16:52:26 GMT content-encoding gzip x-content-type-options nosniff age 48568 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8014 x-xss-protection 0 last-modified Mon, 10 May 2021 14:53:28 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Tue, 25 May 2021 16:52:26 GMT
GET H3-29	200	0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response pagead2.googlesyndication.com/bg/ Frame 059F	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 18:33:32 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 128902 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5773 x-xss-protection 0 expires Mon, 23 May 2022 18:33:32 GMT
GET H3-29	200	bg.jpg s0.2mdn.net/9419156/1620658408223/images/ Frame 1592	86 KB 86 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9419156/1620658408223/images/bg.jpg Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a528e5bfd8269b2849b03660f54e8a83962393a9e18853644a356d805f7a65ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 17:33:24 GMT x-content-type-options nosniff last-modified Mon, 10 May 2021 14:53:28 GMT server sffe age 46111 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87851 x-xss-protection 0 expires Tue, 25 May 2021 17:33:24 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 26BD	0 23 B	108ms 55ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssn5o9nW_GlvYUqE_LTHLypY8SG7wQBiNl4iT2-Cn3vizvwFOXfhrciRkDaNl-QyuysCO0CYOmcyIbOzeW48Gx5xTSItu70GYBI8cYmAUYXZMnU3KzmQYlu-9jRfGW6kBuZeLzRmZswoeMgRWbq1P5Rl702ldkJkzC73Ofj3XWfZhbpKiiUQrz-mkdRlNWOmtdzq213l19XwJ352TWnKvQ56om_pgc6L53DaQI00po7MOYOfEDFBew_m8HBPDhJVD97yTr23JL1jLrr28Q1NmIBysXrvYdWD89F0v5jt6hLI2muKS2V7yijUmF_BnMYd0VZDt0MODiBt3WXsweOSfpZFCXf6QRzZOwa8W5EtPM7vptKvEVoyP_WMinxvwaL7KlVC3YfKH5RKZQFgBjsLW3q53B2Lk1FkJ-3w1i_A8PCzOv_rW_4ilFrT795JRxKOewIvKvx9shQg8-HQlYMy--8AEP0ilt27TqYXIUct5Uf-tFb0WFAttSQT0P0JaNrKedXU0t9ePaejjYkW6RBfIxwU0KzOR917_XuEPph3dcVsnUubu5Si_tsgzAAqh12H6DAEGMHWFdhMFsJVMcYZZPd1-x4rFZVVATt5s8XIbpaJIO4Fx9vlIJbpMxEbAb7s8rGmBJUvazYB-3Vx22ZcXmrhUVPQ36zdC3v7VWg7EjlkS8vGz6tL9XH9ldb1L1y4t2NhMQhWZs4I14iLxx_JcJPrMK-YgLJ8ekBtLOTqqMwd09x4AAjvlPqplosmxZYVuruzyQIiVMbFVjtc90tIEEcNrpyshBEvuuAQa2xH7a894P3yaR9aFpMpro0gutR0jJsTmb0MIMD_BTUKNU1QelcoF6O8asjFnhVzdV2PKxE3QL0pyvS3IIKeaUxYmUGDPO5MlN_C7zjOBHRV-grT4BKIj3icvU2veTO_9ghyIlW4RCq7YN8kz9FlDUKmpKzUI8PPAuQraX9-XroToj6JuDg98mLKNkuxPMST_1PnQ5gZ17O0RfA8rKakczcfAHqNymfRhuHnMa5PSMBLyPSNDBhiJKNSF7R_wn_8Xwv7l4a1uB6RNjHwB4KmqRjTpZkhwwmephGzpOXL8kJdSr8f83dr2-Xo6j3yZdWupMpoLpRBm9sxZ14e9ZJ88XY8ygGpldhPlcSFSltwUa5hrt_83RW0ENOmp9fkc24C67yYIMaDjQi4Xy4xseALAPvWKY3rL3yzZtzrqCZ&sai=AMfl-YQysNFWL2v5OpDDs3gDuNACSREfiQB1EelYxp1yaCrGOPXpar0beXeVxpttnEsyII_gN0j_KKq_XFz6bMRYrKq8g9xlljpWT95NKVPCCfk4xwMRU5GnvqNKLXkNr1fJIwPYRb5Mgd-3VgougBlOfOr7H2kSAHWt61tB2zoyD_ePy2UPUIdOaL38AqV_S1bAPRDxRK-5nKOoSYSipjzBTmFD37ZORCUWLdNHdZwJ_Q&sig=Cg0ArKJSzJGS0OkOp3nlEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=311&vt=11&dtpt=194&dett=3&cstd=113&cisv=r20210517.23724&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response pagead2.googlesyndication.com/bg/ Frame 9E7A	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 23 May 2021 18:33:32 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 128903 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5773 x-xss-protection 0 expires Mon, 23 May 2022 18:33:32 GMT
GET H3-29	200	bg.jpg s0.2mdn.net/9419156/1620658408223/images/ Frame 40A5	86 KB 86 KB	6ms 6ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9419156/1620658408223/images/bg.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a528e5bfd8269b2849b03660f54e8a83962393a9e18853644a356d805f7a65ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 17:33:24 GMT x-content-type-options nosniff last-modified Mon, 10 May 2021 14:53:28 GMT server sffe age 46111 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87851 x-xss-protection 0 expires Tue, 25 May 2021 17:33:24 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 6E2C	0 23 B	78ms 55ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHCDPfGtCu3TXZoizl3fXhzSIY92d2g3hg_d81GPN-DSFFxL5IH29WBDlMl-jwdYAnQvlcmawRKoJ1sDENnFT10fXrtheW1AAiO0o8zWrlWukfk8dPRmlIvXvEGtlJ1v4V_dizIGam2KX1wuA9czZbtz_vD_lU3mrTsJhnCAk35j94xN1g3axmFr3JTikh2Ff1xMclUf0K2T-4xk3CzeeGrzq3FwiKwSMZhU4edXj-yQV_80YZEdF50BJpRatZOb_dv9C1evxxIHcouXplg__tN26gfVwlkoCGq2k2X5rlEOGH6yG6JOGSR5E-B6DrnjO3noQ-A2UxuP-QYqCAQ8NxmPp8zdIkA-jjeKf9mgKjfcyDI7bkaSTeoDeSNUEifpqjBrf6xnxIYkI1k6k5l7xNVkzi4u5hcyOsJOLQYMwP9W_SLsb5NeWQlfvB9YWsjqU_QV5csx-YxPeP7DWyFCFfUcW9vNK-JCZtijkZtJrSBqZ6qPES47EsIPWnur3gh5-lV5vD33ZEnHBwi_a0TPiB_19Ts_1gYyl-aJ1hnYbb5Rlym7vFZMqqKMPdvs51PJwvz5rsAfdrQe7Huu87Pzkt2nPveGG3gbY74cU4fOEw2afQvA46M4wxoPX3f46mZcm9dibjFGA86zr4JTw0d-x3amdnnFf2OlrJI0lvUBK5OMj_kkFI5CCOUkqHJ9AQUs0qKPJL0TlIiBBi2uzY_Ndjek3fW5oiWf6eiukIXncrD4kKaiwlY5SdsEMMkggIg4G3CAIUd5dOSwix0CDSNdedOQ9m7S8ot-g4-axP2zsckDRoJ2QEHBJVafb87iqhVXjEbmOqYZbYS7_rHwIxlh2YraGF8d9pRYSbX0zayoCdQvG11qX3icaSmW1JS5fvFwbHKjxb-lxF00Hksz2jWrFmGXIq_HQKl4vUF6v05QodkV2c9a9AgYjQL-mtRwJHHj8oWynUZFOfjORoPjAhYxyHwifKTsHs0YubYi51um5An3xOBFVwVnsw8CbSKdhMhKWQCrteWrvNwaI2ZCuL6R4eUOzfQiX_IQ97xsAavWIy1FmNx_RNSI3LlaJbjwI5w-BwvfzXwVSI1mNyOca-cow-Y74OsBzH7KzntDZHj8cuwSCYrECuO6LWtpKR06cfNYYUHezSFrjhBSFjBuh7IbeZwppu_yOL4VGkbtedQAJpSzhd6JSNBeJ8cS-co5yXSTIHpNj2InEWzMmZ8A&sai=AMfl-YRqa_YhsunmW5ZXBksSFO8REOYZJx71OfTawph01DZrtlBnws8eyITahZZvvetIUn3YmOMU2UkCoc_aMtz52Hb7T5GyIUrAXmFoxxZMcJ8lvtkCWAxNy4PJlRB-7TDtIOwlDDGb0Ef60PksDjoKG0dO_Y8Su8jWUnGhHZt2OzYWq_GYJaTkGWl-6sqC5MPiPhmvaMO6BHB8AnZcErbh0t1CoUxqA5ZtfuzbhGzjsQ&sig=Cg0ArKJSzAnRjGQE3AtVEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=485&vt=11&dtpt=175&dett=3&cstd=308&cisv=r20210517.99647&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	image.png s0.2mdn.net/9419156/1620658408223/images/ Frame 1592	22 KB 22 KB	7ms 6ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9419156/1620658408223/images/image.png Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8757dd4b21bdee9d0274119105ade3507475d05f9525f20e0de1ccf7e06d949a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 17:33:24 GMT x-content-type-options nosniff last-modified Mon, 10 May 2021 14:53:28 GMT server sffe age 46111 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22056 x-xss-protection 0 expires Tue, 25 May 2021 17:33:24 GMT
GET H3-29	200	image.png s0.2mdn.net/9419156/1620658408223/images/ Frame 40A5	22 KB 22 KB	6ms 6ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/9419156/1620658408223/images/image.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8757dd4b21bdee9d0274119105ade3507475d05f9525f20e0de1ccf7e06d949a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/9419156/1620658408223/dacia_300x250.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 17:33:24 GMT x-content-type-options nosniff last-modified Mon, 10 May 2021 14:53:28 GMT server sffe age 46111 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22056 x-xss-protection 0 expires Tue, 25 May 2021 17:33:24 GMT
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame 8858 Redirect Chain https://pixel.adsafeprotected.com/rfw/st/720504/54772583/skeleton.js?ias_advId=tn270nDf&ias_campId=v1__amncamid__%ebuy!__49059328&ias_pubId=pub-6396844742497208&ias_chanId=v1__eHzN2tHl__1__${APPNEX... https://static.adsafeprotected.com/skeleton.js	17 B 241 B	65ms 64ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-95-108.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT last-modified Mon, 17 Aug 2020 23:54:35 GMT server nginx/1.16.1 age 4513475 etag "53fab767ecbd3bf07990b10246befbd4" x-cache-status HIT content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 17 Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-server-name app17.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 3C25	82 KB 21 KB	73ms 72ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-95-108.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 335221 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	dt dt.adsafeprotected.com/ Frame 8858	43 B 216 B	402ms 134ms	Image image/gif	3.226.16.32 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=720504&asId=e44e96da-eea2-4ba9-64b5-f977b702969e&tv=%7Bc:dBMWnz,pingTime:-2,time:481,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:554,beZ:555,mfA:932,cmA:933,inA:933,inZ:937,prA:937,prZ:946,si:956,poA:958,poZ:973,cmZ:973,mfZ:973,loA:1008,loZ:1012,ltA:1034,ltZ:1034%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:402%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:481,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:401,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B100~1%5D,as:%5B100~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:syoWCi8+11*.720504-54772583%7C111%7C1121%7C121%7C1221%7C123%7C131%7C132%7C1331%7C14,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:76,readyFired:true%7D&br=u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-16-32.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-server-name dt51.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 16A9	0 20 B	15ms 15ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B620RgpesYLjBHOPH7_UPpZql0AoAAAAAOAHgBAI&bg=!FxSlFFDNAAZ7hX_Ue4U7ACkAdvg8WqoWEYbDdVzMlY0eNos-KWBi8Mld9hn1j4A5vke36jImiLdZMwIAAAHYUgAAADVoAQcKAQ_JDhSRkK6k2z4WmjW70QCUiIifmNvW0rpF4Eg42Ifg1YoVXnEeQuJQNMBxDoyt8u0ZjGenCV0r_CTPghmfROp2lHQc6nqh8oggrYf2zaX9qGNxsbw91HN6cqg5tE7YCfVXxazB75fHGTLgUoBkzGTbZ22AcXI6yDoLujq2fNQcL-tvy0zFRMxySOOn_jf75pj4n7G5vyHLZEXUwV9tsj_HoF0HXOg02kIk24GXJxYDunVMyoj3BvTRmyoW2MfKBlNJcBdlBC1L2bPRatZXbvx6qJG-D6RaTYIWxjNgMJi6RJa31j2AmxWldRG2qBwpi8Bn5AIZVyGt1GjketcPL5wvl4b8ktrQI9EAQSblCF7VmQJ_8efyQYPP5wbv5RrN2NfmUJhnQtfUvVhatLCfFPlWDM7LAeTEifuMjZlYOzUxAC9BmhUxtvjK7EF3a6hHKWVQAE-Dd10jfKfpLqJEviVePUnOOqznOq_VJ2hjYj3bgT7ykQWtK6t-IEYjlLf0ksyPlZNVqAMdG5R6cPKzlkKvb-dpx-PBDmhGs46kh8FvSotBdA0QIIKs-kBz0g1rqgqhLVWqEp3MWrLI-zgdKyhh_VGy--nbDzetR_Fnpc6xLl5JR4B8C0otX-pPWKnRIn55crULY6d2d-9oub23ISKMS6MlNCFgkVlLcdcLeXy3rVqVrTCsiywnHlv4vfZkqVrwo2izmhBkYBstvEUfApFu_Kbnx0TLvbmLN2_Mks_XNads0ncVFtUmnJizfhhyNNFjquz7GAt1WWbZZKs5bWTD_2dXFrWBKulIbpGTi-np07ZJtIizhp_bTuaJRnXhneONBqsJPTDtvAiP3Hm7O0ahEaBcuchqs8o1pvDMOjHe_v1I9VVjr4c3-JvwwUTY2Tz1YXEJEaAeTT-QAq0rzW9T4RN0rJAgLxqJZdGYwL83D7uMY-20JoOiCz6UWLEMKU8ZDtYfqhWcqjcIGIptXG3ltia1J2y2LbO2EeMZUX46WTnm_dIgilZ1JIh5wIGz35bq0-jXZs2PWeYq-7hTiG4R2VkZglYuojVMUk4stYEVJxJGWYtvvHjfWPNjBBkotJyvC9SKYUQS-l8KBb6k6M-mWtGJR-ykyQkKLxXYhm3eCKm4RNVhkS5_jm-ofPM5YKy4zpw85B2lAE-eXLMGxnBCQ8NfPwQ226CZ46fdeBA2qqYQr0WxPZ5MlN278SQ01X7v Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 059F	0 20 B	15ms 15ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6xK1gpesYM6GHIOV3gPx5aPICgAAAAA4AeAEAg&bg=!8vGl8bXNAAZ7hX_Ue4U7ACkAdvg8WuF-seT-mTFtB1MkwVE89WTEqCqsdMSc317fzLdiubgdah4UoQIAAAHCUgAAACJoAQcKALipMZVhAeLl3zRKSLIUuQtupWJcJIFaedZQ1PMzNe8tueuWA_hxyOzph_4OE8aywx_gmvJSAa624GIoi5ndPxh0iSJZR3dE7QwuT4mjuWUbWUGAiyjhV1tdepAERGU54vwMtWsm8nLsQazGuNW6NY2vYgXO5ZAY4kHtppOj3X5nvulAt3D-blMjeLxvh7Xeh5vpNBT8AehFARRGw3wpJlTCKcJt3VCs3Ck8MBT6E7GzhTT6_E3X1dsLmQKIQ3pNrN9Pvi_OJDo1BJPaiwCEa8Ne1gU0ZHOlBqaoQbyTg1Vma1CtQ0hku74UdFVrV7VnV7mtR7TD_dIyAWhM-X9mXO5ov01I8PSJP3-rAvBaqXoy75NuW78AbLjDS6pCZCfs3a3g52qulpn5-ltpRRVg7wRUppiobxURfL8fj2nlTdqbmEDM3JaXI3B1lDzwwt8Tbx3aShTwMLvmF8yFqs4o8-D-BubN557A7zIfpeDZSmkJfwoR-1f3ex2uzESPjh8JhrKIn9JDBJFnTVZ1xsmw5pblAqHvYTSA9FYkJqkZ-00usTIFazyJxbLnJxc25XcZLsD79fyifs51Oi7vHLdDbmIfQLkE7eTF81REr7GsKe-2Y3MPaLWS__RsFi7qHPA7a6tgZU5DouAqUxZla6-qTFzusv_8bEn8sVUzSYZ2V0NZ_EQQMxnMGacfFzECI-9xOXZ559visu9tMmvohDwMsm18gEqbyHJ9tHd827LwWzfaWjIETYRWzkuYKMgQtR9Z-Ui4Ycd5zl-14T7Ckz00zB6xzuQMMGwRzo2vkR8Q8YW61hHbugo4H-4TIdD6E3sd5UklVu4NMgQTTKFLT8WGRGJz539nTZN9HT4t5UyPvDUJ8QA2uFeY34bWm0eUC_3Wl3_dSiYwX0yrtLcp4-Hsja2ZgwobF2Sljpw_7hK0wEcOZSsEtwrb-Hoa7qrR68YyziUBVsMRLYdG8jOQYKOUSd2IIam4WYkO1-qJ243zOhaSW0ZnFoO6qvAOjK1U5m3H1y4GrBAzetqbvYNHnFxU0ljPMzTXvC3s0OW3_tGjrUCOUs_xUwRNIP33yfjheQdRVqkRwhPldqog9iFW5G2JlDsgNV8z Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9E7A	0 20 B	15ms 15ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFzzjgpesYM2UIZ6t3gOXyLz4DQAAAAA4AeAEAg&bg=!7O-l76vNAAZ7hX_Ue4U7ACkAdvg8WmD5TynWfFc2o-w590W-omuhQAFG3enYqTqvOaxfywrUEztv-QIAAAGlUgAAABNoAQeZAo34dT4N_xAcEo3aR1UlfhwEBcyg1zJBoConTXZp81pSnBHOqTauAZC8VNdiX_4h1QdVzEFUoYUM7Brf0gcoscODHlApupc0HA2Q4UtsC8lbCBww2nvgkFQixAqgfus879_a7FBzicBb5Rld8PxR8RPgYtHKtzIvucWQi0ZPAlUj6ukhPeuVxUZVonHhamqmP2d7xvuYJvDzvb2SwsPS5AVD-oj2qstALOKm3yLje9Zju574dK-RR0Kq98tGRJp2MucbYE0m8u1_xQ433d4bBixF26VA23kejTCykYcnm1q0XoHusLO_hltt8TOtSIP_urYP1jfWv-u63WJJg2myyOscg5c0ZakrjGpQPdidHHpF3rEDZdZC2M-tm1xQoa8OADjDESzBbq7EC1-Z3t3hAD-Fx-uQZyuo2A6ywgNlo_4IiJgJxoEbfKLr1wCSYq7rRfVL-RNN9zpLU30gdyqIwNZBFyfA9_gtNDwJxoTVbCVrX_NEciI6_DlhdQ-7bj2Z4VHxpKKXlrTwbtiS-3bCkJRaLbZ8N_HEf3bWgZOk6sWITZIzYn4awA5YY3EpIWDt6VDUrFjSSEnMOBiuCXKS1miHaFCQyDc_5fjQchkH75IDSAlg6qqoekKVoFx4l0-k3EX6UlwK776jF2Y5Xhuq7rFzJXeqVjSDWl1KNtmKnxxMFTS4fIMaTU-5uQniIqUhXjOjumfzLhMxamGSgFOCfPAkiS-cFmuIysXegzpwvSM-gINNpMvwHuHQMonRm3P8q6FYBwzjtoYzCPUY-suL_r1HEdNi0eOip2m573u7mHydYM8lBdHA_5pcOQVafiRRgsnIf7_c5UStcf_AT-E-zYZSv5bExKhkp6P_UXvL-Q Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 8858	43 B 215 B	134ms 134ms	Image image/gif	3.226.16.32 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=720504&asId=e44e96da-eea2-4ba9-64b5-f977b702969e&tv=%7Bc:dBMWuc,pingTime:-10,time:892,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1621923715815%7C%7C1e65d6d75d44567f74258ff0a7896411%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C6cbc46b5bd99346e881d4c2f15c8f685%7C%7C24244ac4cf1c3ccf1c3acf75c7fed5be%7C%7C8c2ae1a340a4c876ab486140222d2f1d%7C%7C3a8416d91e38b44156eb1914ea4a184d%7C%7C6d0bcaab4af02ec7991cb9eb7733ece8%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.226.16.32 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-16-32.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-server-name dt19.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 6E2C	42 B 64 B	38ms 24ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumBnHR-UGkBQusb9tRgDZ4PBuPBy6Z_oSKv6KzEUM8udR-_XLoRMxyoLUvGAK_vkXDzM1W4R0PfpIs9hKSa712zAm6jhJpokQU70qV03x3-aV0MJ1037dBwBb-tA&sai=AMfl-YSo8LutrmWokVyzvQFLVffQXPUkBjPw7NZ5dNnqKUFDZFIhqJ95o2E_mRRdTFyLcs0FofKkDcTYk9shb7lmGfDm92L9m2bRXwTJGSRpTVFAMaewuQq4OKJpPfk5lnQm&sig=Cg0ArKJSzHZR5A9vMK-5EAE&cid=CAASPeRoa76-JKYv9ZTv4DaJAtv5eZDiCP-eGAm3DBRmZijceC8WSPnn301kCsPJXn0gZW-X5JjsQW9F7oH-aqw&id=lidar2&mcvt=1043&p=171,650,421,950&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3122676339&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621923714381&dlt=34&rpt=410&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 26BD	42 B 64 B	17ms 16ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4iNIrNmI75sNlqvJbe4UgC3cFzHfgYQmMt0k6xD8lgosaI1Jz79yYP_RQOC-M0R_98D5WACIUHjNLkbDydUoZDzOf44Py7UQz8DlehEaKweTnUzdmLq6IsPlhIQ&sai=AMfl-YRwH7jKVCJOP-eQDiGEmI2TyP5o29ZJteAbruZUsuH-pc7qDnskPuRVJNGJU7D0r2VWvi3Xnb6Ui-WdTWSnGWEVJgz1fJSl29VTbDUYG_stgYQ5wQqhsRFNa0u9Gecp&sig=Cg0ArKJSzOCY9FyACSt4EAE&cid=CAASPeRonUA-FWPHZwzeG5s1QYBMBtA1G37-tQbVqvrb7SBF73utwCjYO6jT2ZZ8C67IV4DKEzE-jRCk6xeD20I&id=lidar2&mcvt=1002&p=171,327,421,627&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=840336167&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621923714385&dlt=36&rpt=494&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	55ms 55ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:55 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:56 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	48ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjM1ODQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjM1ODQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzcifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:55 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:55 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	48ms 47ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ== pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:55 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:56 UTC
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8858	42 B 64 B	20ms 16ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWApvTBVYyKk-LQ2OrecuoYHMvrSYCPZF5aMTuiSzK5Xc89SM7kbmp5tNy_-Zbh3GcUmUuFeVimXVJ7rPxUe4iViZkiMRs0o06TDPkwzWhPv5i&sai=AMfl-YRNzHhIUsGAPBhnlS7SqEKjnpM9P1jPfY0vx0sj09LibG1c_P3s9-NXGJ6THjMi2Cd1jqACNRIOuHdlbeD_x2lIlRdeOO5WUHcpKtJ6sAjWi2XGaGebxnTf8MQwjJG0&sig=Cg0ArKJSzBNv8Ec9m4yZEAE&cid=CAASPeRobvgM4Dwk9iMZ1tKllIjKh6Cx4LbS3FN1aoMuQ0X5Pa-oQIRGE3b9h5ErP2OODmwQMLWEKG9FyEc-C6M&id=lidar2&mcvt=1001&p=171,974,425,1274&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3122676338&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621923714374&dlt=44&rpt=586&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 42 B	49ms 49ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMiIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache cookie PHPSESSID=nfdc2j0i2obiha8cqar1ml9d7l; ezoadgid_174954=-1; ezoref_174954=; ezoab_174954=mod1; active_template::174954=pub_site.1621923712; ezopvc_174954=1; ezepvv=0; ezovid_174954=713473710; lp_174954=https://trovas.ch/; ezovuuidtime_174954=1621923712; ezovuuid_174954=b04c13b5-bab9-4a04-6104-e3fce40050fc; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1644844855.1621923713; _gid=GA1.2.947538500.1621923713; _gat_gtag_UA_4377331_90=1; ezosuigeneris=d0c4bbab4045b0c9809ad9d5ae8e0137; __qca=P0-56677132-1621923713327; ezux_lpl_174954=1621923713663|e8f6fc7b-d109-4bcb-66ab-6675243a8c0b|false; __gads=ID=9234955f19090154-22c1decf1ec8000e:T=1621923713:S=ALNI_MaiKc6p_pVG3Y3-IPeu1OSsYTs6dQ; ezouspvh=8; ezouspvv=24; ezouspva=3 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:56 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:56 UTC
GET H2	200	integrator.js Show response adservice.google.pl/adsid/	107 B 165 B	16ms 15ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.pl/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 14ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	454 B 777 B	474ms 474ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=955085961454281&correlator=1185365526907481&output=ldjh&impl=fifs&eid=31061260%2C31061270%2C31060976%2C44742768&vrg=2021051901&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=3&rcs=1&prev_scp=a%3D%257C2%257C%26iid1%3D99985%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-99985%26eb_br%3D54d0fa6d5f6aabe7623cb24faa42a441%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D30%26br2%3D32%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D146%2C193%2C133%2C4%2C119%2C122%2C142%2C20%2C26%2C135%2C187%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%26lb%3D60%26reqt%3D1621923716827&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621923716&dt=1621923716832&dlt=1621923713054&idt=409&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1644844855.1621923713&ga_sid=1621923714&ga_hid=1642158966&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash ce59659395526cd9f9f0213ab5916a953b4f35c0786f9ac6b14a584759bc17c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:57 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 242 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.pl/adsid/	107 B 165 B	16ms 15ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.pl/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	16ms 16ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=trovas.ch Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	64 KB 26 KB	517ms 516ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=955085961454281&correlator=2298839716196605&output=ldjh&impl=fifs&eid=31061260%2C31061270%2C31060976%2C44742768&vrg=2021051901&ptt=17&sc=1&sfv=1-0-38&ecs=20210525&iu_parts=1254144%2Ctrovas_ch-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=2&rcs=2&prev_scp=a%3D%257C2%257C%26iid1%3D99985%26t%3D134%26d%3D174954%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dtrovas_ch-medrectangle-2-99985%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11304%2C11307%26asau%3D2815475924%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D12%26br2%3D32%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D146%2C193%2C133%2C4%2C119%2C122%2C142%2C20%2C26%2C135%2C187%2C31%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C18%26lb%3D30%26reqt%3D1621923717344&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1621923718&dt=1621923718349&dlt=1621923713054&idt=409&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1108&adks=2530142577&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftrovas.ch%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1644844855.1621923713&ga_sid=1621923714&ga_hid=1642158966&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 96532d5a9370937b6f8fb9b1d062edb3ba607dce47ab0257d73ee913ba319046 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:58 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26501 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://trovas.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 65 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjM1ODQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijk5OTg1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTQ0In1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTBfMSIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTI2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjM1ODQiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtYm94LTItMF8yIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMjYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijk5OTg1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTQ0In1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:58 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:58 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	49ms 49ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI2MzkifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI5NjIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijk5OTg1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYzNTg0IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI2MzkifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MzU4NCIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1ib3gtMi0wXzIiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEyNiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI5NjIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE3MSJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijk5OTg1IiwiZG9tYWluX2lkIjoiMTc0OTU0IiwidW5pdCI6ImRpdi1ncHQtYWQtdHJvdmFzX2NoLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlBMIiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:58 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:58 UTC
GET H2	200	container.html Show response fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 924D	6 KB 3 KB	8ms 7ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://trovas.ch/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://trovas.ch/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Tue, 25 May 2021 06:21:53 GMT expires Wed, 25 May 2022 06:21:53 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 5 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxNGU4YTg1ZDRjNDJmZjFkYjg3OTBjYmVmOWUzMzQ5MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDMsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxNGU4YTg1ZDRjNDJmZjFkYjg3OTBjYmVmOWUzMzQ5MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDMsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie __gads=ID=b4a4b895ec3d2c71-223fffd51ec80061:T=1621923718:S=ALNI_MbU8cAk2mFjMeHtsdpIbp9ETT4lUQ; ezouspvv=12; ezouspva=1; ezouspvh=12 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:58 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:58 UTC
GET H2	200	28687274 Show response g.ezoic.net/dac/	0 40 B	47ms 45ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://g.ezoic.net/dac/28687274 Requested by Host: trovas.ch URL: https://trovas.ch/porpoiseant/banger.js?cb=194-4&bv=19&v=51&PageSpeed=off Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 25 May 2021 06:21:58 GMT cache-control max-age=3600, public server nginx/1.16.0 content-length 0 vary Accept-Encoding content-type text/plain
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTI1In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTI1In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiOCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache cookie __gads=ID=b4a4b895ec3d2c71-223fffd51ec80061:T=1621923718:S=ALNI_MbU8cAk2mFjMeHtsdpIbp9ETT4lUQ; ezouspvv=12; ezouspva=1; ezouspvh=12 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:58 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:58 UTC
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImF1Y3Rpb25fZXBvY2giOjE2MjE5MjM3MTksImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjYwLCJiaWRfZmxvb3JfcHJldiI6MzAsImJpZF9mbG9vcl9maWxsZWQiOjEyLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1NjIsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImF1Y3Rpb25fZXBvY2giOjE2MjE5MjM3MTksImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiYmlkX2Zsb29yX2luaXRpYWwiOjYwLCJiaWRfZmxvb3JfcHJldiI6MzAsImJpZF9mbG9vcl9maWxsZWQiOjEyLCJhdWN0aW9uX2NvdW50IjozLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1NjIsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== pragma no-cache cookie __gads=ID=b4a4b895ec3d2c71-223fffd51ec80061:T=1621923718:S=ALNI_MbU8cAk2mFjMeHtsdpIbp9ETT4lUQ; ezouspvv=12; ezouspva=1; ezouspvh=12 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:58 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:21:58 UTC
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame FA23	624 B 582 B	17ms 17ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY5fWRqgEwAQ&v=APEucNXsNnaOWcUe8aZ8rPsy9fkPMiXwBE64jFTp5f2tcjjpPNNw2yC4owrMUzWAdG9ySrDT7ah4HN1jy3N_LLKqSAwaMYaYmsMufpMSMm037zrp4PsEEJHMdjBHZ7v_7_n9HhCtlkUfinHLNSc8yADtK78B6NV0AA8VvFulJhg_R4GqY_p4frwJxCnSMA2eh7o7hlOMid0XQuUbxWvlN-HikP0soD_EHL6bseTW5S3wzZFznc3EfgI Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CPOW9wIQ7ubZ-gEY5fWRqgEwAQ&v=APEucNXsNnaOWcUe8aZ8rPsy9fkPMiXwBE64jFTp5f2tcjjpPNNw2yC4owrMUzWAdG9ySrDT7ah4HN1jy3N_LLKqSAwaMYaYmsMufpMSMm037zrp4PsEEJHMdjBHZ7v_7_n9HhCtlkUfinHLNSc8yADtK78B6NV0AA8VvFulJhg_R4GqY_p4frwJxCnSMA2eh7o7hlOMid0XQuUbxWvlN-HikP0soD_EHL6bseTW5S3wzZFznc3EfgI pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 25 May 2021 06:21:59 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkQEmHxItvEbpD055OJcx5GZUe_n9tRDjihQIuFwKchxlKcQq8xDCDl7k6t; expires=Sun, 19-Jun-2022 06:21:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 25 May 2021 06:21:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 924D	111 KB 38 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 14:58:51 GMT content-encoding gzip x-content-type-options nosniff age 55387 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 14:58:51 GMT
GET H2	200	omrhp_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 924D	6 KB 3 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp_fy2019.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 22:53:09 GMT content-encoding gzip x-content-type-options nosniff age 26929 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2661 x-xss-protection 0 server cafe etag 7752240862628680351 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 07 Jun 2021 22:53:09 GMT
GET H2	200	abg_lite_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 924D	17 KB 7 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:00:03 GMT content-encoding gzip x-content-type-options nosniff age 1315 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7009 x-xss-protection 0 server cafe etag 607056201285360291 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:00:03 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 924D	42 B 63 B	20ms 16ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BX8I5DGNmEXtmHw-XunOWgQlJMC2ChppDiHMXaWEtrpgWvBE36IDgWkAcmKhtQASElq6VVERlwyRE_qdepjD6V_HbhKfQ7itEvws-4Q7bIGiHZWPo Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 924D	2 KB 1 KB	11ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:20:15 GMT content-encoding gzip x-content-type-options nosniff age 103 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:20:15 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 924D	119 KB 36 KB	16ms 13ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:58 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1621855623965245" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37215 x-xss-protection 0 expires Tue, 25 May 2021 06:21:58 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 924D	13 KB 6 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:11:18 GMT content-encoding gzip x-content-type-options nosniff age 640 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5621 x-xss-protection 0 server cafe etag 8169261014141303515 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 08 Jun 2021 06:11:18 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 924D	0 0	15ms 13ms	Image text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2-dsXkjm5bqaV7Rd6sdYo8gnDwe5Mn6DZsc9LMIp-Rh8CcQmxoDNbM7AiJ1ABlg_ER6qLvwyEnN97ugVIVo2ocDRZcQ Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 924D	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 18:00:25 GMT content-encoding gzip x-content-type-options nosniff age 44494 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 18:00:25 GMT
GET DATA	200 OK	truncated / Frame 924D	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5c21d03b177266704bc1728c98af520b8e0e3dc1487eb671203aede039adcb67 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 924D	0 52 B	62ms 62ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5U2lzkPsj5dOrnLoaXGygvryJNfETmainQJIYKS8DWc6ivwIEK2oJWHCXTG3f04nX1AHuLyTgNNp39RWpN6vd-um6ZZBe_NuSysjlyCwHm3VyKLz84O0O____mw4wVAwgAzzNpuo1eNzJVd63Q8r3Tr1MHnBmxXOB0gl79fmSFRTqZLn3PveFJWR7kvZH8mVkdFdydgWjczKvo3d7pjfzkcfldFk1sNVS0kcuqj6XBy_-w-CIqDlD_EkN67_hXkSpTm3Ny1QWG9W_terbS5aQDRfEwa_5U8o3OwGuCyV06wliCaZ5KRNi_7Za6h1Eg-C-tC6EHmqgj933oa4bXHiXJL4SdWK3FPc2FRpJJhdl7m4eofi2CgQoSk2hI_taFr4x4cylJwMFbpG39sR_nTcnkOiKajxFoYrZDXtX9e2YnuYh2edchoNgPyJgqk9Lgo1DdStXrha8R5yNgmCzVcAiu28TpTGZsobA8fi2Wj55gzX6ABWX7f918TioAACv-nKqSvaOryY3d241VxYR0Pqn6c9uNEcPqJtQ1MjCUIsZxIrbyDffrS-5gXmW_YlYypDdwlo9MWkyiXPOEkEawGGtlKm0wftNkUh1TI9bfZbG4KOKnsMg2sZDKLVdZfstZAV_wthwNNN6JU4WGilAD_KiSMRm5geetS42rPmtEYmiuDmQlwtfxAvkzVq7ZzfH9qD0Nm8H7_txdrMANqV9WbZJcWJW8m_85ZeJ5Y5OPh2kUnt1KClZE1_vgOWhtCQVL3kJUk-8ryq5-3S37OpH4C-rpZNwX055KiZELuBke47qK3UR08-REgHNyNwxCJ1Bw1FrBlaVMXFRRhTSy5dKApFg7iQD7iUKnzd-sRwZfLakW8tGm1nqmT3EyU6PQYQc0T-1d8Nna6lP7Q8OczkGHV9m0J7rjPh4CyeFCsTCqRXdnYZ-rd46MkxqnM8QuHhybBd6IIwKsLk1R-t84ZUR9zGcxxFVlxIl0cn53ExYbFkix9T627IxcemtHRkLZ8oWXvSpzJ38TZmFIIq4o0oEExOMRsTtDo6a8dqXL1SZZYwDBB6RzpKQVvm8fAhzZDZ06LnndU4bP1KrGsDu7287TWeD_63PflihixdjRQi6t9WPe6-WhWMYNX6jPlb0K9qFqt93RzNp_g&sai=AMfl-YRESw0_ffseUT_sGL8xjUU0OIpQP6U3qmoJE2Q627C9eikMysqx6b9I3kxsYmiY9uUrhdY53tXhgsfmjpGM9eBPL3P9QKF2W_oku-QLoZvNKhdsKtvzty8QAg0aPds-OXQKiII7C8eBfSnMUToZGMo-2z3Y4zH-APp61ISJn6USvdkomG7c2Ek12B2C5EQ9YiTrrMtnBnkDFCFfToy3t_YO39zPDh1JbHdoXVtOxsdBZkBtWv0PZVVhOEP5NX_7Q35CVauTuY3qqUSgokUewoHzeJUZQ6IdzYTVf28pLN2Llzm4iCg7oAOpnqw4W684lOMFRi9jJtGmjL9gB26Lct_GYdxGeDkE8JVaOW6fugV5qcU2XX1mamt61V05kYz0Yxt7qXde&sig=Cg0ArKJSzKXImfBA_eiMEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=170&cbvp=1&cisv=r20210517.60703&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 25 May 2021 06:21:59 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	15322013301352192286 s0.2mdn.net/simgad/ Frame 924D	12 KB 12 KB	7ms 6ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/15322013301352192286 Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e2c98f6928dc8ea780d5249014859fde083c1842931bb19baf74ac7cb2916cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:47 GMT x-content-type-options nosniff age 418752 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12213 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:28 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:47 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame E498	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Mon, 24 May 2021 18:00:25 GMT expires Tue, 24 May 2022 18:00:25 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 44494 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame FA23 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&C=1	43 B 1014 B	64ms 63ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY5fWRqgEwAQ&v=APEucNXsNnaOWcUe8aZ8rPsy9fkPMiXwBE64jFTp5f2tcjjpPNNw2yC4owrMUzWAdG9ySrDT7ah4HN1jy3N_LLKqSAwaMYaYmsMufpMSMm037zrp4PsEEJHMdjBHZ7v_7_n9HhCtlkUfinHLNSc8yADtK78B6NV0AA8VvFulJhg_R4GqY_p4frwJxCnSMA2eh7o7hlOMid0XQuUbxWvlN-HikP0soD_EHL6bseTW5S3wzZFznc3EfgI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:59 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:59 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 06:21:59 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Tue, 25 May 2021 06:21:59 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame FA23 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YKyXh.yhqkzSmAHJ59rEfgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&google_hm=2	43 B 894 B	61ms 60ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY5fWRqgEwAQ&v=APEucNXsNnaOWcUe8aZ8rPsy9fkPMiXwBE64jFTp5f2tcjjpPNNw2yC4owrMUzWAdG9ySrDT7ah4HN1jy3N_LLKqSAwaMYaYmsMufpMSMm037zrp4PsEEJHMdjBHZ7v_7_n9HhCtlkUfinHLNSc8yADtK78B6NV0AA8VvFulJhg_R4GqY_p4frwJxCnSMA2eh7o7hlOMid0XQuUbxWvlN-HikP0soD_EHL6bseTW5S3wzZFznc3EfgI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:59 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 25 May 2021 06:21:59 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ3f-Thf-TOlFq5-sUQnK4U&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame FA23 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEICZAW_XdaUP3GKVaLm9Ask&google_cver=1	43 B 1023 B	87ms 86ms	Image image/gif	185.33.221.91 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEICZAW_XdaUP3GKVaLm9Ask&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY5fWRqgEwAQ&v=APEucNXsNnaOWcUe8aZ8rPsy9fkPMiXwBE64jFTp5f2tcjjpPNNw2yC4owrMUzWAdG9ySrDT7ah4HN1jy3N_LLKqSAwaMYaYmsMufpMSMm037zrp4PsEEJHMdjBHZ7v_7_n9HhCtlkUfinHLNSc8yADtK78B6NV0AA8VvFulJhg_R4GqY_p4frwJxCnSMA2eh7o7hlOMid0XQuUbxWvlN-HikP0soD_EHL6bseTW5S3wzZFznc3EfgI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 25 May 2021 06:21:59 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.187:80 AN-X-Request-Uuid c9190e37-34af-45a6-bd50-b6d68a29ce40 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 25 May 2021 06:21:59 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEICZAW_XdaUP3GKVaLm9Ask&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FA23 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MTE3ODEwOTcxODkwMTMyNQ%3D%3D	170 B 188 B	51ms 51ms	Image image/png	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MTE3ODEwOTcxODkwMTMyNQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY5fWRqgEwAQ&v=APEucNXsNnaOWcUe8aZ8rPsy9fkPMiXwBE64jFTp5f2tcjjpPNNw2yC4owrMUzWAdG9ySrDT7ah4HN1jy3N_LLKqSAwaMYaYmsMufpMSMm037zrp4PsEEJHMdjBHZ7v_7_n9HhCtlkUfinHLNSc8yADtK78B6NV0AA8VvFulJhg_R4GqY_p4frwJxCnSMA2eh7o7hlOMid0XQuUbxWvlN-HikP0soD_EHL6bseTW5S3wzZFznc3EfgI Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:59 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 25 May 2021 06:21:59 GMT X-Proxy-Origin 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.45:80 AN-X-Request-Uuid 52d110df-d00a-4d32-8a2c-6adab539d7f5 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg5MTE3ODEwOTcxODkwMTMyNQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Show response pagead2.googlesyndication.com/bg/ Frame E498	14 KB 6 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/zue3njNLpzxGAZrYILNRV_oDQoN1Bf4uoYDHWIdg9NQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cee7b79e334ba73c46019ad820b35157fa0342837505fe2ea180c7588760f4d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 24 May 2021 08:12:48 GMT content-encoding br x-content-type-options nosniff last-modified Wed, 12 May 2021 09:08:00 GMT server sffe age 79751 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5790 x-xss-protection 0 expires Tue, 24 May 2022 08:12:48 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E498	0 20 B	16ms 15ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1WG1hpesYNOSGc7b3wPw_JToDAAAAAA4AeAEAg&bg=!BQalBkLNAAZ7hX_Ue4U7ACkAdvg8WpB7dXWICKD1fKqDBMcOPPhuEAgTfwnahx1ng1N0CDyJjun77gIAAACPUgAAAA9oAQcKALvuU7klkhAWa0hpyV9uYZXQgQ1rCtk8GOoKa1OT8K9fa8ImO-kkPdnjjuLxgBWa1icIRr7WdBEqVAQMQC7rOIE3vOnNYIVGngcbt672jXhVDA1KxbfkUzedfxcdmkdwfxbY8NxYkBgtNPRr57BZdOE9jZA500f0eM7Qapi-wmCZlYNFYfB85VpHAo3SGxJk_YjIZqWc2_U4MAuO38BhNi8K_BWUKDzqoH7gNjakr0sfWDeVxLyozgtMQrvdmQKRaWDf1PLJxChWdswtcv-CVxLtspq3eaabENRGzAslniHjDATwJIbkcfm1iX8TTPwUodmxeh6e1lNKZikySh-7S_44R4EQjwtMktAX7mJUFC2_f37_im293d7kmpZdeC8LwSfQVUe2QKvF6KP457e3x6GdPyfrRJnt68-RD-EOW9zsqr7kgLZeRaHcmwqT4jybzUT5SqyC9h6M1ZT2dIWuFdtGFzN-EqWNjLvB8Q5jZXrTajCobRzo6s7A68iaRCGDfJsiHYt2Bw-6kwsjkUI3BkMre8NnMwKCc52_P9o43IiHqmceNyUcjt1OaIepqHUAqQqNPAL855cq2m1oSY0H3jQzwlMG6g_7cZYlhxPC2-mqNibWc9UhI5jbB9BN2LJ84PD9PHScWULfzyJgya9uC-Eht7hwLSXx5DDVgwNUuSu07lTzcKvXoYnS7oIs6DPNc60y1K7H-SRO67Brx1Z-qOVnNyxcKR7rigjvY2Ss5W8q7EmcUpPZixDlBr0UEiEQZnpl4McLehdV7e9tC1_OONAjwv1Ss0nUsvjV6nM0VKeKRsxqOHSNiwmsUr1zoukJCZKVRjBEaflIrGwlVEizvpXnHNd8JmiTNoST3ZFgvwMiJn4KuhtlIhra2ZmjEEMVRALonQG4WsSHMppqvFeWJK_zQJHwZJUjARTaIQkfJbv4DUCGTSNRYrLNSnbXBrCYcPD1CyEaxmRDUc5OT4YE3NFt2AFM2DxnVL0hVB2ZDbghS_7IvVj9Wa8Ah4wg83bytA8lQCCDaM6pTGQSaVUQrA7meVH7OX_TKW3wX01hgZSQa4u_ZE9AzSyz-U4KrXCCzgGsfN2YbtwoetHpdtH9SSfC-AxptYlNZcLcg2Ua3hoN Requested by Host: fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com URL: https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:21:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 924D	0 23 B	56ms 55ms	Ping image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss5U2lzkPsj5dOrnLoaXGygvryJNfETmainQJIYKS8DWc6ivwIEK2oJWHCXTG3f04nX1AHuLyTgNNp39RWpN6vd-um6ZZBe_NuSysjlyCwHm3VyKLz84O0O____mw4wVAwgAzzNpuo1eNzJVd63Q8r3Tr1MHnBmxXOB0gl79fmSFRTqZLn3PveFJWR7kvZH8mVkdFdydgWjczKvo3d7pjfzkcfldFk1sNVS0kcuqj6XBy_-w-CIqDlD_EkN67_hXkSpTm3Ny1QWG9W_terbS5aQDRfEwa_5U8o3OwGuCyV06wliCaZ5KRNi_7Za6h1Eg-C-tC6EHmqgj933oa4bXHiXJL4SdWK3FPc2FRpJJhdl7m4eofi2CgQoSk2hI_taFr4x4cylJwMFbpG39sR_nTcnkOiKajxFoYrZDXtX9e2YnuYh2edchoNgPyJgqk9Lgo1DdStXrha8R5yNgmCzVcAiu28TpTGZsobA8fi2Wj55gzX6ABWX7f918TioAACv-nKqSvaOryY3d241VxYR0Pqn6c9uNEcPqJtQ1MjCUIsZxIrbyDffrS-5gXmW_YlYypDdwlo9MWkyiXPOEkEawGGtlKm0wftNkUh1TI9bfZbG4KOKnsMg2sZDKLVdZfstZAV_wthwNNN6JU4WGilAD_KiSMRm5geetS42rPmtEYmiuDmQlwtfxAvkzVq7ZzfH9qD0Nm8H7_txdrMANqV9WbZJcWJW8m_85ZeJ5Y5OPh2kUnt1KClZE1_vgOWhtCQVL3kJUk-8ryq5-3S37OpH4C-rpZNwX055KiZELuBke47qK3UR08-REgHNyNwxCJ1Bw1FrBlaVMXFRRhTSy5dKApFg7iQD7iUKnzd-sRwZfLakW8tGm1nqmT3EyU6PQYQc0T-1d8Nna6lP7Q8OczkGHV9m0J7rjPh4CyeFCsTCqRXdnYZ-rd46MkxqnM8QuHhybBd6IIwKsLk1R-t84ZUR9zGcxxFVlxIl0cn53ExYbFkix9T627IxcemtHRkLZ8oWXvSpzJ38TZmFIIq4o0oEExOMRsTtDo6a8dqXL1SZZYwDBB6RzpKQVvm8fAhzZDZ06LnndU4bP1KrGsDu7287TWeD_63PflihixdjRQi6t9WPe6-WhWMYNX6jPlb0K9qFqt93RzNp_g&sai=AMfl-YRESw0_ffseUT_sGL8xjUU0OIpQP6U3qmoJE2Q627C9eikMysqx6b9I3kxsYmiY9uUrhdY53tXhgsfmjpGM9eBPL3P9QKF2W_oku-QLoZvNKhdsKtvzty8QAg0aPds-OXQKiII7C8eBfSnMUToZGMo-2z3Y4zH-APp61ISJn6USvdkomG7c2Ek12B2C5EQ9YiTrrMtnBnkDFCFfToy3t_YO39zPDh1JbHdoXVtOxsdBZkBtWv0PZVVhOEP5NX_7Q35CVauTuY3qqUSgokUewoHzeJUZQ6IdzYTVf28pLN2Llzm4iCg7oAOpnqw4W684lOMFRi9jJtGmjL9gB26Lct_GYdxGeDkE8JVaOW6fugV5qcU2XX1mamt61V05kYz0Yxt7qXde&sig=Cg0ArKJSzKXImfBA_eiMEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=479&vt=11&dtpt=309&dett=3&cstd=477&cisv=r20210517.60703&adurl= Requested by Host: trovas.ch URL: https://trovas.ch/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 25 May 2021 06:21:59 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	index.html Show response s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	6 KB 2 KB	7ms 7ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74410bd7770424377b0162fb09bc4b3babf7ebe896f067882f3b1f09da17542c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /sadbundle/13028659708621893093/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1749 date Thu, 20 May 2021 10:02:57 GMT expires Fri, 20 May 2022 10:02:57 GMT last-modified Thu, 20 May 2021 08:10:25 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 418742 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	hp_styles.css s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	2 KB 759 B	8ms 7ms	Stylesheet text/css	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18255b774b4999acd66ce68140a485ef5fe49854f14b626f2c8013b5cf3ced7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:58 GMT content-encoding gzip x-content-type-options nosniff age 418741 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 732 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:58 GMT
GET H3-29	200	tweenmax_2.1.2_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame DA9A	113 KB 39 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:21:59 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39910 x-xss-protection 0 last-modified Mon, 11 Mar 2019 14:29:26 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Tue, 25 May 2021 06:21:59 GMT
GET H3-29	200	hp_main.js Show response s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	3 KB 815 B	9ms 8ms	Script application/x-javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/hp_main.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74ae031317e53bf393bf471edb200ba9c79c333dc85fa37304bec3a1a5bf6c7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:58 GMT content-encoding gzip x-content-type-options nosniff age 418741 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 788 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:58 GMT
GET H3-29	200	Img01_1.jpg s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	12 KB 12 KB	12ms 11ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/Img01_1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e9aa5e0dab708e1ae9f2ad1d470935e9dee524b5d436e5e9f1ac783019a727ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:48 GMT x-content-type-options nosniff age 418751 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11832 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:48 GMT
GET H3-29	200	Img01_2.jpg s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	11 KB 11 KB	12ms 10ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/Img01_2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fcec1a8a40b13c6a50bd4ee7e00a97d09f5a20bffade3972ba7819eb2a695cb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:48 GMT x-content-type-options nosniff age 418751 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11657 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:48 GMT
GET H3-29	200	txt02.png s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	2 KB 2 KB	11ms 9ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/txt02.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdb25d5387b2346d206c779841ffe88889beccb2bf1576a3aa10be3c54d3d298 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:48 GMT x-content-type-options nosniff age 418751 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2455 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:48 GMT
GET H3-29	200	badge.png s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	3 KB 3 KB	12ms 11ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/badge.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f482cecad0c4159b201122a69e87083987387cad3f78852f33e1ed85f67e667a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:48 GMT x-content-type-options nosniff age 418751 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3201 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:48 GMT
GET H3-29	200	cta.png s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	1 KB 1 KB	11ms 10ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a42196bcbb7f950c76b40ae9f4afbbfe92fff143795e84ea334bf22ba854479e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:48 GMT x-content-type-options nosniff age 418751 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1157 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:48 GMT
GET H3-29	200	logo.png s0.2mdn.net/sadbundle/13028659708621893093/ Frame DA9A	9 KB 9 KB	12ms 11ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/13028659708621893093/logo.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68ac1fbaaada9cb32ca1b7a863dfb13be98be092908264be65b9896500484770 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13028659708621893093/hp_styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 20 May 2021 10:02:48 GMT x-content-type-options nosniff age 418751 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8769 x-xss-protection 0 last-modified Thu, 20 May 2021 08:10:25 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 May 2022 10:02:48 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 65 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:22:00 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:22:00 UTC
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 924D	42 B 174 B	16ms 16ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoKotWvgnjG0K_mAGnwabB30cSnLFhXsF9nryof9bBW7S4dF6VQDbckeOonzdSKVZGRfmuP6iHreKC9GS6pm5MsJJ2tc8TvaHh_03SlNyjLTMlykfjgOiSOaWtAQ&sai=AMfl-YQPUEURrKKOJQd8BqxeSicVDM2BAxinan0ZCsqTXhIzpnRWqqEw2xQ54EY414e0tCbhz_4aQXUMKkn4MRyeCMaK8H70utq01LKa2KKnMeigecD8yq2o9q5Ex0kRmaZa&sig=Cg0ArKJSzHQlBzu0Nf37EAE&cid=CAASFeRoimiSKhwxTvhwGLXrsHULxD7z9g&id=lidar2&mcvt=1000&p=1108,436,1198,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2530142577&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621923718913&dlt=14&rpt=1&isd=0&msd=0&r=v&fum=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:22:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	army.gif Show response trovas.ch/porpoiseant/	0 19 B	49ms 48ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxOTMifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiOTk5ODUiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ1bml0IjoiZGl2LWdwdC1hZC10cm92YXNfY2gtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjE5MjM3MTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiUEwiLCJwYWdldmlld19pZCI6ImU4ZjZmYzdiLWQxMDktNGJjYi02NmFiLTY2NzUyNDNhOGMwYiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI5OTk4NSIsImRvbWFpbl9pZCI6IjE3NDk1NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXRyb3Zhc19jaC1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMTkyMzcxMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJQTCIsInBhZ2V2aWV3X2lkIjoiZThmNmZjN2ItZDEwOS00YmNiLTY2YWItNjY3NTI0M2E4YzBiIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxOTMifV0sImlzX29yaWciOmZhbHNlfV0= pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:22:00 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:22:00 UTC
GET H2	200	greenoaks.gif Show response trovas.ch/detroitchicago/	0 19 B	48ms 47ms	XHR text/plain	18.156.95.187 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://trovas.ch/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjI1MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwNzc3MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODcwODgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDQzIn1dfV0= Requested by Host: trovas.ch URL: https://trovas.ch/detroitchicago/cmb.js?gcb=194-4&cb=&01&00&03&04&0d&06&07&0a&0c&0e&11&13&17&21&23&01-100-103-1004-10d-506-507-70a-30c-30e-211-413-317-1121-123-19&cmbcb=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-95-187.eu-central-1.compute.amazonaws.com Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers :path /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJlOGY2ZmM3Yi1kMTA5LTRiY2ItNjZhYi02Njc1MjQzYThjMGIiLCJkb21haW5faWQiOiIxNzQ5NTQiLCJ0X2Vwb2NoIjoxNjIxOTIzNzEyLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI0MjI1MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMwNzc3MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiODcwODgwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI1NDQzIn1dfV0= pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority trovas.ch referer https://trovas.ch/ :scheme https sec-fetch-site same-origin :method GET Referer https://trovas.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 25 May 2021 06:22:00 GMT server nginx/1.16.0 vary Accept-Encoding Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Mon, 24 May 2021 06:22:00 UTC
GET H2	200	dc_oe=ChMIzs_p1pjk8AIVg4p3Ch3x8gipEAAYACDb0PhHQhMIlbfE1pjk8AIVZRWLCh1Yogd-;met=1;&timestamp=1621923725267;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 6E2C	42 B 498 B	180ms 79ms	Image image/gif	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzs_p1pjk8AIVg4p3Ch3x8gipEAAYACDb0PhHQhMIlbfE1pjk8AIVZRWLCh1Yogd-;met=1;&timestamp=1621923725267;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:22:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMIzd3u1pjk8AIVnpZ3Ch0XJA_fEAAYACDb0PhHQhMIlLfE1pjk8AIVZRWLCh1Yogd-;met=1;&timestamp=1621923725270;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 26BD	42 B 107 B	178ms 79ms	Image image/gif	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzd3u1pjk8AIVnpZ3Ch0XJA_fEAAYACDb0PhHQhMIlLfE1pjk8AIVZRWLCh1Yogd-;met=1;&timestamp=1621923725270;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:22:05 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	dc_oe=ChMI0-3a2Jjk8AIVzu13Ch1wPgXNEAEYACDfo55I;met=1;&timestamp=1621923729427;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 924D	42 B 63 B	126ms 74ms	Image image/gif	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0-3a2Jjk8AIVzu13Ch1wPgXNEAEYACDfo55I;met=1;&timestamp=1621923729427;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fa6d5b8ba5bde0bdcac7a2d238d55fcf.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 25 May 2021 06:22:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT