www.romainberg.com Open in urlscan Pro
68.66.213.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://romainberg.com/pp
Effective URL:
https://www.romainberg.com/ppc-advertising/
Submission: On September 14 via manual (September 14th 2020, 8:22:45 pm UTC) from US

Summary HTTP 61 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 61 HTTP transactions. The main IP is 68.66.213.104, located in Ann Arbor, United States and belongs to A2HOSTING, US. The main domain is www.romainberg.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 22nd 2020. Valid for: 3 months.

This is the only time www.romainberg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	68.66.213.104 68.66.213.104	55293 (A2HOSTING) (A2HOSTING)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1 4	23.210.248.216 23.210.248.216	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1 2	54.171.23.184 54.171.23.184	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:10c... 2a02:26f0:10c:5b5::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:214... 2600:9000:214f:da00:0:93e4:a640:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:205... 2600:9000:2057:fe00:1b:45dc:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
61	23

13 68.66.213.104 (Ann Arbor, United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: 68.66.213.104.static.a2webhosting.com

romainberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.romainberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.216 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.23.184 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c:5b5::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:da00:0:93e4:a640:93a1 (United States)

ASN16509 (AMAZON-02, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:fe00:1b:45dc:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

hi.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland) 3 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gstatic.com fonts.gstatic.com	157 KB
13	romainberg.com 1 redirects romainberg.com www.romainberg.com	2 MB
9	googleapis.com fonts.googleapis.com maps.googleapis.com	131 KB
8	facebook.com 3 redirects www.facebook.com web.facebook.com	2 KB
5	adroll.com 1 redirects s.adroll.com d.adroll.com	15 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	facebook.net connect.facebook.net	242 KB
2	hellobar.com my.hellobar.com hi.hellobar.com	37 KB
2	licdn.com snap.licdn.com	3 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net	2 KB
2	googleadservices.com www.googleadservices.com	14 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	google.de www.google.de	107 B
1	google.com 1 redirects www.google.com	630 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	googletagmanager.com www.googletagmanager.com	42 KB
0	Failed function sub() { [native code] }. Failed
61	17

	Domain	Requested by
14	fonts.gstatic.com	fonts.googleapis.com
12	www.romainberg.com	www.romainberg.com
5	www.facebook.com	www.romainberg.com connect.facebook.net
5	fonts.googleapis.com	www.romainberg.com my.hellobar.com
4	maps.googleapis.com	www.romainberg.com maps.googleapis.com
4	s.adroll.com	1 redirects www.googletagmanager.com www.romainberg.com s.adroll.com
3	web.facebook.com	3 redirects connect.facebook.net
3	connect.facebook.net	www.romainberg.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.romainberg.com
2	snap.licdn.com	www.romainberg.com snap.licdn.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	hi.hellobar.com	www.romainberg.com
1	www.linkedin.com	1 redirects
1	my.hellobar.com	www.romainberg.com
1	www.google.de	www.romainberg.com
1	www.google.com	1 redirects
1	d.adroll.com	www.romainberg.com
1	d.adroll.mgr.consensu.org	1 redirects
1	www.googletagmanager.com	www.romainberg.com
1	romainberg.com	1 redirects
0	localhost Failed	www.romainberg.com
61	23

This site contains links to these domains. Also see Links.

Domain
bit.ly
about.ads.microsoft.com
www.facebook.com
www.linkedin.com
g.page
www.dmca.com

Subject Issuer	Validity	Valid
cpanel.romainberg.com Let's Encrypt Authority X3	`2020-08-22` - `2020-11-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.hellobar.com DigiCert SHA2 Secure Server CA	`2017-10-26` - `2020-12-07`	3 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.romainberg.com/ppc-advertising/
Frame ID: F0904E40122771842A9D3A02664EBCE3
Requests: 59 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poiret+One
Frame ID: 727C671A034A46EE33397230C0DC5BE0
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/customerchat.php?app_id&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888%26domain%3Dwww.romainberg.com%26origin%3Dhttps%253A%252F%252Fwww.romainberg.com%252Ff22759e2b24dae4%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=How+can+RomainBerg+help+your+business%3F&logged_out_greeting=How+can+RomainBerg+help+your+business%3F&page_id=453249305104124&request_time=1600114948851&sdk=joey&_rdc=1&_rdr
Frame ID: 262251756694ED4410867411956E60AF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr
Frame ID: 5CD3C83526F38D62AE4D033E431CDB4C
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v2.12/plugins/customer_chat/bubble
Frame ID: 37DA68D181F6C68843D6ACC5575C6356
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr
Frame ID: F960D5B752D64DD715AF72BDB4AC16CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://romainberg.com/pp HTTP 301
https://www.romainberg.com/ppc-advertising/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

61
Requests

97 %
HTTPS

84 %
IPv6

17
Domains

23
Subdomains

23
IPs

5
Countries

2814 kB
Transfer

4051 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/2JuHMoL
Title: Business Insider

Search URL Search Domain Scan URL

URL: https://about.ads.microsoft.com/en-us/insights/planning-tools/microsoft-search-network-data
Title: 54 percent of its search engine users

Search URL Search Domain Scan URL

URL: https://www.facebook.com/romainbergdigital/
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/romain-berg
Title: Linkedin-in

Search URL Search Domain Scan URL

URL: https://g.page/romain-berg-mpls?share
Title: Located in Downtown Minneapolis80 S 8th St Suite 900, Minneapolis, MN 55402

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=7940eb1d-085a-40aa-bef6-dd12728dd6ad&refurl=https://www.romainberg.com/ppc-advertising/
Title: <img src ="https://images.dmca.com/Badges/dmca_protected_sml_120e.png?ID=7940eb1d-085a-40aa-bef6-dd12728dd6ad" alt="DMCA.com Protection Status" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://romainberg.com/pp HTTP 301
https://www.romainberg.com/ppc-advertising/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://s.adroll.com/j/exp/R2WPK6B2SRBC5PAPXOOZ2Z/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 11

https://d.adroll.mgr.consensu.org/consent/iabcheck/R2WPK6B2SRBC5PAPXOOZ2Z?_s=1666789ae1f38f5f13b4ff593ed83731&_b=2 HTTP 302
https://d.adroll.com/consent/check/R2WPK6B2SRBC5PAPXOOZ2Z/?_s=1666789ae1f38f5f13b4ff593ed83731&_b=2

Request Chain 13

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg920&sendb=1&ig=1&frm=0&url=https://www.romainberg.com/ppc-advertising/&tiba=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=A9FfX-m3AYvHb-m0kIgN&sscte=1&crd=CNPgGw&eitems=ChAI8Kn8-gUQ6ta0yPyov8sgEh0A_nTdTz-AIK0RwKckchKlEm4wfxzh1zHZ0ivrLw HTTP 302
https://www.google.com/pagead/1p-conversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg920&sendb=1&ig=1&frm=0&url=https://www.romainberg.com/ppc-advertising/&tiba=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=A9FfX-m3AYvHb-m0kIgN&cid=CAQSKQCNIrLMbQzCEbIFx7LXzF-VWsEC6zoaM9FMj56GAZ_CLX3QNpmrywwD&eitems=ChAI8Kn8-gUQ6ta0yPyov8sgEh0A_nTdT0yutH6lPwr9rIN72OK1I6Lfq5eJO2iMlQ&random=205893281&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg920&sendb=1&ig=1&frm=0&url=https://www.romainberg.com/ppc-advertising/&tiba=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=A9FfX-m3AYvHb-m0kIgN&cid=CAQSKQCNIrLMbQzCEbIFx7LXzF-VWsEC6zoaM9FMj56GAZ_CLX3QNpmrywwD&eitems=ChAI8Kn8-gUQ6ta0yPyov8sgEh0A_nTdT0yutH6lPwr9rIN72OK1I6Lfq5eJO2iMlQ&random=205893281&resp=GooglemKTybQhCsO&ipr=y

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1392700&time=1600114947948&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1392700%26time%3D1600114947948%26url%3Dhttps%253A%252F%252Fwww.romainberg.com%252Fppc-advertising%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1392700&time=1600114947948&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&liSync=true

Request Chain 59

https://web.facebook.com/v2.12/plugins/customerchat.php?app_id=&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888%26domain%3Dwww.romainberg.com%26origin%3Dhttps%253A%252F%252Fwww.romainberg.com%252Ff22759e2b24dae4%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=How%20can%20RomainBerg%20help%20your%20business%3F&logged_out_greeting=How%20can%20RomainBerg%20help%20your%20business%3F&page_id=453249305104124&request_time=1600114948851&sdk=joey HTTP 302
https://www.facebook.com/v2.12/plugins/customerchat.php?app_id&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888%26domain%3Dwww.romainberg.com%26origin%3Dhttps%253A%252F%252Fwww.romainberg.com%252Ff22759e2b24dae4%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=How+can+RomainBerg+help+your+business%3F&logged_out_greeting=How+can+RomainBerg+help+your+business%3F&page_id=453249305104124&request_time=1600114948851&sdk=joey&_rdc=1&_rdr

Request Chain 60

https://web.facebook.com/v2.12/plugins/customer_chat/bubble HTTP 302
https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr

Request Chain 62

https://web.facebook.com/v2.12/plugins/customer_chat/bubble HTTP 302
https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr

61 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.romainberg.com/ppc-advertising/
Redirect Chain

https://romainberg.com/pp
https://www.romainberg.com/ppc-advertising/

114 KB
114 KB

452ms
215ms

Document
text/html

68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 2633e1d2d3ed605f6744d640bd3a3654de9e928a1fa0775660d9007b9ea2746c

Request headers

Host: www.romainberg.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:26 GMT
Server: Apache
Last-Modified: Sun, 13 Sep 2020 19:48:46 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 14 Sep 2020 20:22:26 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: https://www.romainberg.com/ppc-advertising/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
42 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNX9568

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52d4e1145425b37c6568cfea2bef21878d29e45bb2f43b94e19bfebb28a550ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 20:22:26 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42766
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Sep 2020 20:22:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNX9568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 4006
date: Mon, 14 Sep 2020 19:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Mon, 14 Sep 2020 21:15:40 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 38 KB
13 KB 135ms
55ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNX9568
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b151c43349b3aca0bd8701e90e7b18a2e4cb39d057e4cc869c86af9e48d92a69

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: WXjn0J4rMIJvyhtdmTWR32LQRfF25XbN
Content-Encoding: gzip
ETag: "4a1b094811c51a6baf5ca2dc7f750960"
x-amz-request-id: 9FECB7DDCE93DE8D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 12210
x-amz-id-2: zmm4E72jc8yr4m36aSkMdgXZHurNU+p7y/gpEjMfNERy5jIV3yR8SajuMpm9wrLEqiagDPSON4c=
Last-Modified: Thu, 10 Sep 2020 21:05:32 GMT
Server: AmazonS3
Date: Mon, 14 Sep 2020 20:22:26 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 103ms
39ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNX9568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 20:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Sep 2020 20:22:26 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1254797904&t=pageview&_s=1&dl=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&ul=en-us&de=UTF-8&dt=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=495267148&gjid=976450779&cid=489438143.1600114947&tid=UA-118976843-1&_gid=2139621606.1600114947&_r=1&gtm=2wg920MNX9568&z=219218582

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 20:22:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.romainberg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 90 KB
3 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289e44da6f68acdcae34d201df0c178ea51ad2e0fa2756f64674ed538a8a854f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 20:22:26 GMT
server: ESF
date: Mon, 14 Sep 2020 20:22:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 20:22:26 GMT

GET
H/1.1 200
OK ce4bc735925ea537ad0358ce9e53fcc7.css
www.romainberg.com/wp-content/cache/min/1/ 811 KB
811 KB 266ms
117ms Stylesheet
text/css 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 03036cf4331e700e5da83ac70e92cd5b896bcbe5709d7681774ed3a73f8906ef

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Wed, 26 Aug 2020 14:18:29 GMT
Server: Apache
ETag: "4e0002-cac53-5adc87e6f7423"
Vary: User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 830547

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/744452228/ 2 KB
2 KB 39ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/744452228/?random=1600114946988&cv=9&fst=1600114946988&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg920&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&tiba=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fea7c7e8b000825fda10747d2237f4d348309f89762b4d96184d75f8ffd142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 20:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1208
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/744452228/ 43 B
226 B 24ms
23ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/744452228/?random=1600114946992&cv=9&fst=1600114946992&num=1&rdp=1&label=%5Bobject%20Object%5D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg920&sendb=1&ig=1&data=vtp_doubleClick%3Dfalse%3Bvtp_setTrackerName%3Dfalse%3Bvtp_useDebugVersion%3Dfalse%3Bvtp_useHashAutoLink%3Dfalse%3Bvtp_decorateFormsAutoLink%3Dfalse%3Bvtp_enableLinkId%3Dfalse%3Bvtp_enableEcommerce%3Dfalse%3Bvtp_trackingId%3DUA-118976843-1%3Bvtp_enableRecaptchaOption%3Dfalse%3Bvtp_enableTransportUrl%3Dfalse%3Bvtp_enableUaRlsa%3Dfalse%3Bvtp_enableUseInternalVersion%3Dfalse%3Bvtp_gtmEventId%3D1&frm=0&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&tiba=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 20:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/R2WPK6B2SRBC5PAPXOOZ2Z/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

37ms
36ms

Script
application/javascript

23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 2U8XMvdFINXJNFsilaXONuSvqmREKV3.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 0A9DFB41B15EF3A2
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 9wtYzl8isf76a+KTcCc0hWCh/ZKrxXSL0KsmsoDDvS1VGgWl/GxdSe7DtPnOmbh4BH+84jF1nEY=
Last-Modified: Fri, 31 Jul 2020 16:11:15 GMT
Server: AmazonS3
Date: Mon, 14 Sep 2020 20:22:27 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/R2WPK6B2SRBC5PAPXOOZ2Z/SMQBWLVSOBC5HA4S7OJOJI/ 0
773 B 111ms
38ms Script
text/javascript 23.210.248.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/R2WPK6B2SRBC5PAPXOOZ2Z/SMQBWLVSOBC5HA4S7OJOJI/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-216.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: pdm.wST6NJ4D73f1xflIbpE8AcqlXYFi
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 80A968494CB29A46
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: T1oruDUe3iI1uY69t6qsRNTKICSSpdcEkhogBJlpnQPkydn128ZSjn2ihEIKF3WuwQIm3KXtkj8=
Last-Modified: Mon, 14 Sep 2020 01:52:07 GMT
Server: AmazonS3
Date: Mon, 14 Sep 2020 20:22:27 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/R2WPK6B2SRBC5PAPXOOZ2Z/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/R2WPK6B2SRBC5PAPXOOZ2Z?_s=1666789ae1f38f5f13b4ff593ed83731&_b=2
https://d.adroll.com/consent/check/R2WPK6B2SRBC5PAPXOOZ2Z/?_s=1666789ae1f38f5f13b4ff593ed83731&_b=2

395 B
487 B

39ms
38ms

Script
application/javascript

54.171.23.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/R2WPK6B2SRBC5PAPXOOZ2Z/?_s=1666789ae1f38f5f13b4ff593ed83731&_b=2
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e6d831ba13735a3257107fb739fd4436069b2d89ae82c6e08d3f9d8993630b6b

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 14 Sep 2020 20:22:27 GMT
server: nginx/1.16.1
content-length: 395
content-type: application/javascript

Redirect headers

status: 302
date: Mon, 14 Sep 2020 20:22:27 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/R2WPK6B2SRBC5PAPXOOZ2Z/?_s=1666789ae1f38f5f13b4ff593ed83731&_b=2

GET
H/1.1 200
OK jquery.js Show response
www.romainberg.com/wp-includes/js/jquery/ 95 KB
95 KB 296ms
116ms Script
application/javascript 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Fri, 17 May 2019 13:55:54 GMT
Server: Apache
ETag: "28430ab-17a69-58915bdbaae80"
Vary: User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 96873

GET
H2

200

/
www.google.de/pagead/1p-conversion/744452228/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
https://www.google.com/pagead/1p-conversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
https://www.google.de/pagead/1p-conversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...

42 B
107 B

25ms
25ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg920&sendb=1&ig=1&frm=0&url=https://www.romainberg.com/ppc-advertising/&tiba=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=A9FfX-m3AYvHb-m0kIgN&cid=CAQSKQCNIrLMbQzCEbIFx7LXzF-VWsEC6zoaM9FMj56GAZ_CLX3QNpmrywwD&eitems=ChAI8Kn8-gUQ6ta0yPyov8sgEh0A_nTdT0yutH6lPwr9rIN72OK1I6Lfq5eJO2iMlQ&random=205893281&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 20:22:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Sep 2020 20:22:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/744452228/?random=373435708&cv=9&fst=*&num=1&value=0&label=BBIRCIuprKcBEITh_eIC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg920&sendb=1&ig=1&frm=0&url=https://www.romainberg.com/ppc-advertising/&tiba=PPC%20Advertising%20Service%20%7C%20Top%20Rated%20PPC%20Marketing%20%26%20Management%20%7C%20Romain%20Berg&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=A9FfX-m3AYvHb-m0kIgN&cid=CAQSKQCNIrLMbQzCEbIFx7LXzF-VWsEC6zoaM9FMj56GAZ_CLX3QNpmrywwD&eitems=ChAI8Kn8-gUQ6ta0yPyov8sgEh0A_nTdT0yutH6lPwr9rIN72OK1I6Lfq5eJO2iMlQ&random=205893281&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 128 KB
42 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDLcCbIcT2wHK4xu9RsnVRyZ8jmS-0NsvU&libraries=places&callback=initMapdisplay

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

bdf1ebb6ac2a1606bb57ef6e827e0ff9432dc42ee66283c83449ab274a9fd013

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 20:22:27 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=26
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42750
x-xss-protection: 0
expires: Mon, 14 Sep 2020 20:52:27 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
www.romainberg.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
8 KB 120ms
119ms Script
application/javascript 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Sun, 02 Aug 2020 02:46:15 GMT
Server: Apache
ETag: "480d18-1ed2-5abdc06946076"
Vary: User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7890

GET
H/1.1 200
OK 775e4f2c9d734dba317d036787fd9924.js Show response
www.romainberg.com/wp-content/cache/min/1/ 698 KB
699 KB 116ms
116ms Script
application/javascript 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-content/cache/min/1/775e4f2c9d734dba317d036787fd9924.js
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: cc0af619f48326e70799166f18e4c42eedc5913d982733895602c1cc02f1fd9d

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Wed, 26 Aug 2020 14:18:31 GMT
Server: Apache
ETag: "4e001b-ae92f-5adc87e84fbcf"
Vary: User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 715055

GET
H3-Q050 200 css
fonts.googleapis.com/ 8 KB
1 KB 36ms
21ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6203a5ff38cfa75aa701d00611b9f6a2a3ce0eed8764dea95a98312996ec105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 18:26:26 GMT
server: ESF
date: Mon, 14 Sep 2020 20:22:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 20:22:27 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77416424b72d1fead7a63b78b29b8794d299958081e75a798e6eaeaafc14523c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b74529389b45a143d062bf2ff7ea02f1426f6aafcb71fd07b83653c1f6012a37

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8800f12d25f2413dda76c993b1b5be88e1fea2c78c7e8c7d8d8d407263c3bae4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK PartnerBadge.png
www.romainberg.com/wp-content/uploads/ 2 KB
2 KB 121ms
121ms Image
image/png 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.romainberg.com/wp-content/uploads/PartnerBadge.png
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: fa261aee18e2792d46f577514a61c902bafa518d1a0248df2a2e28ffea3a06c9

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Sun, 02 Aug 2020 05:46:12 GMT
Server: Apache
ETag: "374d05f-6f0-5abde8a2b43c8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1776

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v12/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v12/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 19:24:38 GMT
server: sffe
age: 33504
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:03 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.romainberg.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
76 KB 210ms
125ms Font
font/woff2 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.romainberg.com
Referer: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Sun, 02 Aug 2020 02:08:14 GMT
Server: Apache
ETag: "2a806ab-12d68-5abdb7ea3e69c"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 33507
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:00 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:17 GMT
server: sffe
age: 33497
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10996
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:10 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:22 GMT
server: sffe
age: 33485
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10968
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 33507
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:00 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 33503
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:04 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v12/ 8 KB
8 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v12/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:05:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 19:24:31 GMT
server: sffe
age: 33404
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:05:43 GMT

GET
H/1.1 200
OK iconfont.ttf
www.romainberg.com/wp-content/plugins/pixerex-elements/assets/fonts/ 173 KB
173 KB 231ms
117ms Font
font/ttf 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-content/plugins/pixerex-elements/assets/fonts/iconfont.ttf?icuiu1
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 9a6c9ae8f404cd8ce079a248111f58928699d26d88f957d50edfb6391029643d

Request headers

Origin: https://www.romainberg.com
Referer: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Tue, 16 Apr 2019 18:12:54 GMT
Server: Apache
ETag: "2800e08-2b354-586a9b7c09854"
Vary: User-Agent
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 176980

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/ 30 KB
30 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 11:04:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:33:54 GMT
server: sffe
age: 33497
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30940
x-xss-protection: 0
expires: Tue, 14 Sep 2021 11:04:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:07:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 40524
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:07:03 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
www.romainberg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
74 KB 260ms
116ms Font
font/woff2 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Request headers

Origin: https://www.romainberg.com
Referer: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Sun, 02 Aug 2020 02:08:14 GMT
Server: Apache
ETag: "2a8156f-128a0-5abdb7ea47b0b"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 75936

GET
H/1.1 200
OK fa-solid-900.woff2
www.romainberg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 74 KB
75 KB 335ms
117ms Font
font/woff2 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://www.romainberg.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Origin: https://www.romainberg.com
Referer: https://www.romainberg.com/wp-content/cache/min/1/ce4bc735925ea537ad0358ce9e53fcc7.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Sun, 02 Aug 2020 02:08:14 GMT
Server: Apache
ETag: "2a81578-12934-5abdb7ea49a4b"
Vary: User-Agent
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 76084

GET
H3-Q050 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v12/ 8 KB
8 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v12/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 19:24:26 GMT
server: sffe
age: 40566
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:06:21 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:06:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 40576
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:06:11 GMT

GET
H3-Q050 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:06:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 40548
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11052
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:06:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: aYkOHETUZI19yFZAScEiD4usf+k29EuCWOFZsttUMnGRy3hSRB0HMXL8Jq41PWL5ZKZfigAs2Dfyq405fhQ5VA==
x-fb-trip-id: 2042748335
x-frame-options: DENY
date: Mon, 14 Sep 2020 20:22:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 964 B
759 B 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:5b5::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b5::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: b5840616d8bf9540bbe45a42f6841f92b78c70dabd3b8ee60abb51e79c47d5d6

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:41:55 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=47693
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 446

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:5b5::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5b5::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:41:55 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=48349
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 259 KB
75 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/775e4f2c9d734dba317d036787fd9924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06a2ad9e99e71005a9aed86f40d0c72c82757a0d4a8ca1549b341d71b56e29f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9hlOKhdZPhFExOIreXWK5w==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76662
etag: "f4ae923331c8f19a10487f6ebda93d86"
x-fb-debug: q3zXYrcZKqhGGxeoPhf0zOJvrfQO/jsfc9pJ1PmZ9eVywVNtpg2mDmnk/3NvEhSitqUVu9k6r6RSyMlc1Hs24A==
x-fb-trip-id: 2042748335
x-fb-content-md5: 6c39d4b14f1ec50095328ab526ade80f
x-frame-options: DENY
date: Mon, 14 Sep 2020 20:22:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Sep 2020 20:37:24 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
799 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:700,400%7CRoboto+Condensed:700&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese,hebrew,arabic,bengali,gujarati,tamil,telugu,thai,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese,hebrew,arabic,bengali,gujarati,tamil,telugu,thai

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/775e4f2c9d734dba317d036787fd9924.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba25b3930d90b8cd6dee5548010a7fce54f5d2431cbd75a00960d323f581488a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 20:22:27 GMT
server: ESF
date: Mon, 14 Sep 2020 20:22:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 20:22:27 GMT

GET
H2 200 modules-v59.js Show response
my.hellobar.com/ 134 KB
37 KB 27ms
11ms Script
text/javascript 2600:9000:214f:da00:0:93e4:a640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules-v59.js
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/wp-content/cache/min/1/775e4f2c9d734dba317d036787fd9924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:da00:0:93e4:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8864e7496ed23664cdd8decb8628c1f73e177f59aa550b9751137d44d225a0f

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 02:14:00 GMT
content-encoding: gzip
last-modified: Mon, 25 May 2020 18:10:58 GMT
server: AmazonS3
age: 1015708
etag: "1335933f9a98bbc00849a4d08760b035"
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: must-revalidate, proxy-revalidate, max-age=31557600, s-maxage=31557600
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 37586
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-amz-cf-id: m0o7oytaAFoVlRXa0uzNckP1XaTpQaH-gpMeqnGUARcYE5q_74yv6g==

GET
H/1.1 200
OK romain-logo-main-150x150.png
www.romainberg.com/wp-content/uploads/ 1 KB
2 KB 117ms
116ms Image
image/png 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.romainberg.com/wp-content/uploads/romain-logo-main-150x150.png
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 9d3380fb9f694ef5b84f7f909526825804891a71cf59c643162933e6a4964eee

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Mon, 20 May 2019 14:39:30 GMT
Server: Apache
ETag: "28011d7-5e0-58952b33ab9d3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1504

GET 05-min-5.jpg
localhost/gt/wp-content/uploads/2019/02/ 0
0

GET
H/1.1 200
OK ppc-romain-berg-1.jpg
www.romainberg.com/wp-content/uploads/ 24 KB
24 KB 118ms
117ms Image
image/jpeg 68.66.213.104
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.romainberg.com/wp-content/uploads/ppc-romain-berg-1.jpg
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.66.213.104 Ann Arbor, United States, ASN55293 (A2HOSTING, US),
Reverse DNS: 68.66.213.104.static.a2webhosting.com
Software: Apache /
Resource Hash: 4be1da63a45dd095ad60c59019f555eec3ba94e11ce4d426735139773bc5bb41

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 20:22:27 GMT
Last-Modified: Sun, 02 Aug 2020 06:38:18 GMT
Server: Apache
ETag: "374d4d4-601f-5abdf447b9cf1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 24607

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1392700&time=1600114947948&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1392700%26time%3D1600114947948%26url%3Dhttps%253A%252F%252Fwww.romainberg.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1392700&time=1600114947948&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&liSync=true

0
40 B

180ms
179ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1392700&time=1600114947948&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&liSync=true
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 20:22:28 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: fBs3WRHANBbgn9HNRisAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: adE/URHANBYAwYo1PysAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 314D188B4C0E4FC8BF1D0822CA66B5D0 Ref B: FRAEDGE1421 Ref C: 2020-09-14T20:22:28Z
x-frame-options: sameorigin
date: Mon, 14 Sep 2020 20:22:28 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1392700&time=1600114947948&url=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 306528826456398 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/306528826456398?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd05febd779723ce16ccfe14157c44b79316c0f6938c6a2824a9c6769a7ebf4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Uah6lwGpPB2bJ+xxy628zvrwhEiYoP58+wwOxySgHXFSSmfXdE561ANULqBE85rpo56t3OUSOqfdoWiCGWtY5g==
x-fb-trip-id: 2042748335
x-frame-options: DENY
date: Mon, 14 Sep 2020 20:22:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb9lecyVC4A.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb9lecyVC4A.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de93fc29c2c2cc8d0e0c998ff3cb570c6250fa3e770e1aa2cfee12499051ffee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:07:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:09 GMT
server: sffe
age: 40483
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6828
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:07:44 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 727C 1 KB
499 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poiret+One

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v59.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a85a99cc5401707a178038f83930b5552920bf60bd09e517d5286d9f75312fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 20:22:28 GMT
server: ESF
date: Mon, 14 Sep 2020 20:22:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 20:22:28 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 727C 2 KB
548 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules-v59.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fc6cf05f3910ead58e414f122581283b5dbd969596c39fcae4f6b442da1ab1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 19:28:44 GMT
server: ESF
date: Mon, 14 Sep 2020 20:22:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 20:22:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
376 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=306528826456398&ev=PageView&dl=https%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&rl=&if=false&ts=1600114948138&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1600114948137.2097651601&it=1600114947956&coo=false&rqm=GET

Requested by

Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 20:22:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Sep 2020 20:22:28 GMT

GET
H2 200 LL8f7llT1Ieq88adpdKkJk6oGdVFS-OrLlHe0pbjjSSS
hi.hellobar.com/v/8KN6iYpzMk2brYQUpugM7v-RxhE0mBWLd7TKPKlfV5GmxnIUAepF/ 35 B
361 B 562ms
530ms Image
image/gif 2600:9000:2057:fe00:1b:45dc:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.hellobar.com/v/8KN6iYpzMk2brYQUpugM7v-RxhE0mBWLd7TKPKlfV5GmxnIUAepF/LL8f7llT1Ieq88adpdKkJk6oGdVFS-OrLlHe0pbjjSSS?t=1600114948&v=faa5273f-e6ff-4eac-c7c8-f5f68d1655b4&f=i&s=2230ecc9500a9c0e6b48780ab8f08050bacc712f37fab8a3aa409cf88117f1885f15c934b9f8784b4500ea7ee0d35fd68c7cf7563e50eaeabdb96fff2b676ee4
Requested by: Host: www.romainberg.com
URL: https://www.romainberg.com/ppc-advertising/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fe00:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:41:01 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Tue, 10 Apr 2018 13:15:02 GMT
server: AmazonS3
age: 100583
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Error from cloudfront
content-type: image/gif
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 8wVZIPiOazvrtvSz4rCdD_EBqhoVvNN-S11FdMqcSBhE8sEeYl-W-g==

GET
H3-Q050 200 UqyVK80NJXN4zfRgbdfbo55cV-UyZKA.woff2
fonts.gstatic.com/s/poiretone/v9/ Frame 727C 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poiretone/v9/UqyVK80NJXN4zfRgbdfbo55cV-UyZKA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32fe7dc755a4cfb7658ea8d5dac03243bb2feff4ae20204a7c779fd9acdd3cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.romainberg.com
Referer: https://fonts.googleapis.com/css?family=Poiret+One
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 06:46:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:05:40 GMT
server: sffe
age: 567350
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
expires: Wed, 08 Sep 2021 06:46:38 GMT

GET
DATA 200
OK truncated
/ Frame 727C 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728

Request headers

Origin: https://www.romainberg.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

POST
H2 200 /
www.facebook.com/tr/ 0
85 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFxAKuMPnblKBEJ39

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Sep 2020 20:22:28 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.romainberg.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2

200

customerchat.php
www.facebook.com/v2.12/plugins/ Frame 2622
Redirect Chain

https://web.facebook.com/v2.12/plugins/customerchat.php?app_id=&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888...
https://www.facebook.com/v2.12/plugins/customerchat.php?app_id&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888%...

0
0

107ms
106ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/customerchat.php?app_id&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888%26domain%3Dwww.romainberg.com%26origin%3Dhttps%253A%252F%252Fwww.romainberg.com%252Ff22759e2b24dae4%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=How+can+RomainBerg+help+your+business%3F&logged_out_greeting=How+can+RomainBerg+help+your+business%3F&page_id=453249305104124&request_time=1600114948851&sdk=joey&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://www.romainberg.com;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/customerchat.php?app_id&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888%26domain%3Dwww.romainberg.com%26origin%3Dhttps%253A%252F%252Fwww.romainberg.com%252Ff22759e2b24dae4%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=How+can+RomainBerg+help+your+business%3F&logged_out_greeting=How+can+RomainBerg+help+your+business%3F&page_id=453249305104124&request_time=1600114948851&sdk=joey&_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.romainberg.com/ppc-advertising/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0p7vX9WA04moQh9o0..BfX9EE...1.0.BfX9EE.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://www.romainberg.com;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 325EUGD/aDfSqjrCK8UUesDkv6b1p8aZmjofZdxTOO2ZWGVJ/ps2s8YIpv6NiJVjHg+ggtC7VOzdDd4C9tJW/w==
date: Mon, 14 Sep 2020 20:22:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/v2.12/plugins/customerchat.php?app_id&attribution=wordpress&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1553c0d6c25888%26domain%3Dwww.romainberg.com%26origin%3Dhttps%253A%252F%252Fwww.romainberg.com%252Ff22759e2b24dae4%26relation%3Dparent.parent&container_width=0&locale=en_US&logged_in_greeting=How+can+RomainBerg+help+your+business%3F&logged_out_greeting=How+can+RomainBerg+help+your+business%3F&page_id=453249305104124&request_time=1600114948851&sdk=joey&_rdc=1&_rdr
x-fb-zr-redirect: 02|1600201348|FzBFAiEA5eKp08NEubZr3olFhGgRKkReCuE59YxZfmZe4LfgAIkCIGEJRoJpIk99O-70cUWwtUsW8zMvkYNdYgpftnGtoY7x
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uCdiw829bfsAusuwhjX+EJnrAJjJW8PnzksKHEwQlRWZwgCAZS9g01QRUT8xQu0s9KinLPGJvd5sYX/WJQ5Hvw==
content-length: 0
date: Mon, 14 Sep 2020 20:22:28 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2

200

bubble
www.facebook.com/v2.12/plugins/customer_chat/ Frame 5CD3
Redirect Chain

https://web.facebook.com/v2.12/plugins/customer_chat/bubble
https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr

0
0

55ms
55ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.romainberg.com/ppc-advertising/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0p7vX9WA04moQh9o0..BfX9EE...1.0.BfX9EE.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.romainberg.com/ppc-advertising/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: GjgZpbLkHVbYNCiBWwEbI3nKvCbBjhiKoWkIH2NsoPsudVFO4Bej4kvQyCISr5WmGMC6eb0FuFZkZ3CDBH4oUw==
date: Mon, 14 Sep 2020 20:22:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr
x-fb-zr-redirect: 02|1600201349|FzBFAiA7GqFoOH5ySP95otnb4T2fkIH8cMxmP0D9BSfj0kWNdgIhAKsl0OnTDedajqIGQ0DgmAaFs2CdVyYT2jqOwxOkdMkw
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: bbyaut0WPjMLSfKR6swgHbfySRYIQt5/Foh8z8PrjKRC10X2QKGWKhDZxIWRKs9X+A5ZveTvx2zseQ6JLdgifw==
content-length: 0
date: Mon, 14 Sep 2020 20:22:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET bubble
web.facebook.com/v2.12/plugins/customer_chat/ Frame 37DA 0
0

GET
H2

200

bubble
www.facebook.com/v2.12/plugins/customer_chat/ Frame F960
Redirect Chain

https://web.facebook.com/v2.12/plugins/customer_chat/bubble
https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr

0
0

47ms
47ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.romainberg.com/ppc-advertising/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0p7vX9WA04moQh9o0..BfX9EE...1.0.BfX9EE.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.romainberg.com/ppc-advertising/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 0/O7fmUAUfK0AOqK220W/T8YlmqmwHd8UYmEOs2EMYOUGiXmfm9MgWjrASnPSJrXzyemIxqWE+Mz1hM9VqBn2A==
date: Mon, 14 Sep 2020 20:22:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/v2.12/plugins/customer_chat/bubble?_rdc=1&_rdr
x-fb-zr-redirect: 02|1600201349|FzBFAiEApgDYjANvwCIOJELVvw-vVnq8s3rF2_WYmGFvy496eBMCIAzfu-oWzX93MVU4mDtbbXrpwduhMItMmGpXWvcFYh2R
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: rRMKJXRPXgfhKCCVV59A2KAx2dc8o6k//giGzSo3IVC54yg/MJCXFA8gThkGGmM8ZBAz0GTnYVA8PF2aJJl9aQ==
content-length: 0
date: Mon, 14 Sep 2020 20:22:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/4/ 78 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/4/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDLcCbIcT2wHK4xu9RsnVRyZ8jmS-0NsvU&libraries=places&callback=initMapdisplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f3ed689d03bf3b56c597f5f529ba17e876def6b3e7e39f204c070a505c64cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Sep 2020 11:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Sep 2020 19:06:25 GMT
server: sffe
age: 203627
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29309
x-xss-protection: 0
expires: Sun, 12 Sep 2021 11:48:45 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/4/ 146 KB
54 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/4/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDLcCbIcT2wHK4xu9RsnVRyZ8jmS-0NsvU&libraries=places&callback=initMapdisplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fbee096f09e3ac882c3b46b2ef15ad5cbfaa49522b6df7fb07eb52a6355cc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 17:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Sep 2020 19:06:25 GMT
server: sffe
age: 443499
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55083
x-xss-protection: 0
expires: Thu, 09 Sep 2021 17:10:53 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
447 B 69ms
56ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.romainberg.com%2Fppc-advertising%2F&4sAIzaSyDLcCbIcT2wHK4xu9RsnVRyZ8jmS-0NsvU&callback=_xdc_._zi6bg6&key=AIzaSyDLcCbIcT2wHK4xu9RsnVRyZ8jmS-0NsvU&token=32070

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/42/4/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

523df37c2269e4d3f41ca2c44fce1feef697081e59c6b12cc2853d7c2de8e79b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.romainberg.com/ppc-advertising/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 20:22:32 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=35
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: https://localhost/gt/wp-content/uploads/2019/02/05-min-5.jpg

Domain: web.facebook.com
URL: https://web.facebook.com/v2.12/plugins/customer_chat/bubble

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.romainberg.com/	1970-01-19 14:38:10	Name: _fbp Value: fb.1.1600114948137.2097651601
.romainberg.com/	1970-01-19 12:30:01	Name: _gid Value: GA1.2.2139621606.1600114947
.romainberg.com/	1970-01-19 12:28:35	Name: _gat_UA-118976843-1 Value: 1
.romainberg.com/	1970-01-20 05:59:46	Name: _ga Value: GA1.2.489438143.1600114947
.romainberg.com/	1970-01-19 14:38:10	Name: _gcl_au Value: 1.1.1111648944.1600114947

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hi.hellobar.com
localhost
maps.googleapis.com
my.hellobar.com
px.ads.linkedin.com
romainberg.com
s.adroll.com
snap.licdn.com
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.romainberg.com
localhost
web.facebook.com
172.217.16.130
23.210.248.216
2600:9000:2057:fe00:1b:45dc:7080:93a1
2600:9000:214f:da00:0:93e4:a640:93a1
2620:1ec:21::14
2a00:1450:4001:800::2004
2a00:1450:4001:801::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::200a
2a00:1450:4001:816::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2003
2a00:1450:4001:821::2008
2a02:26f0:10c:5b5::25ea
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
54.171.23.184
68.66.213.104
03036cf4331e700e5da83ac70e92cd5b896bcbe5709d7681774ed3a73f8906ef
06a2ad9e99e71005a9aed86f40d0c72c82757a0d4a8ca1549b341d71b56e29f1
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
24f3ed689d03bf3b56c597f5f529ba17e876def6b3e7e39f204c070a505c64cf
2633e1d2d3ed605f6744d640bd3a3654de9e928a1fa0775660d9007b9ea2746c
289e44da6f68acdcae34d201df0c178ea51ad2e0fa2756f64674ed538a8a854f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32fe7dc755a4cfb7658ea8d5dac03243bb2feff4ae20204a7c779fd9acdd3cef
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3fc6cf05f3910ead58e414f122581283b5dbd969596c39fcae4f6b442da1ab1e
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42fea7c7e8b000825fda10747d2237f4d348309f89762b4d96184d75f8ffd142
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4be1da63a45dd095ad60c59019f555eec3ba94e11ce4d426735139773bc5bb41
523df37c2269e4d3f41ca2c44fce1feef697081e59c6b12cc2853d7c2de8e79b
52d4e1145425b37c6568cfea2bef21878d29e45bb2f43b94e19bfebb28a550ed
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728
77416424b72d1fead7a63b78b29b8794d299958081e75a798e6eaeaafc14523c
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7fbee096f09e3ac882c3b46b2ef15ad5cbfaa49522b6df7fb07eb52a6355cc98
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
8800f12d25f2413dda76c993b1b5be88e1fea2c78c7e8c7d8d8d407263c3bae4
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9a6c9ae8f404cd8ce079a248111f58928699d26d88f957d50edfb6391029643d
9d3380fb9f694ef5b84f7f909526825804891a71cf59c643162933e6a4964eee
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a85a99cc5401707a178038f83930b5552920bf60bd09e517d5286d9f75312fe7
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b151c43349b3aca0bd8701e90e7b18a2e4cb39d057e4cc869c86af9e48d92a69
b5840616d8bf9540bbe45a42f6841f92b78c70dabd3b8ee60abb51e79c47d5d6
b6203a5ff38cfa75aa701d00611b9f6a2a3ce0eed8764dea95a98312996ec105
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b74529389b45a143d062bf2ff7ea02f1426f6aafcb71fd07b83653c1f6012a37
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
ba25b3930d90b8cd6dee5548010a7fce54f5d2431cbd75a00960d323f581488a
bd05febd779723ce16ccfe14157c44b79316c0f6938c6a2824a9c6769a7ebf4e
bdf1ebb6ac2a1606bb57ef6e827e0ff9432dc42ee66283c83449ab274a9fd013
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
cc0af619f48326e70799166f18e4c42eedc5913d982733895602c1cc02f1fd9d
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d8864e7496ed23664cdd8decb8628c1f73e177f59aa550b9751137d44d225a0f
de93fc29c2c2cc8d0e0c998ff3cb570c6250fa3e770e1aa2cfee12499051ffee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d831ba13735a3257107fb739fd4436069b2d89ae82c6e08d3f9d8993630b6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fa261aee18e2792d46f577514a61c902bafa518d1a0248df2a2e28ffea3a06c9

www.romainberg.com Open in urlscan Pro 68.66.213.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

84 %IPv6

17 Domains

23 Subdomains

23 IPs

5 Countries

2814 kBTransfer

4051 kBSize

5 Cookies

6 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.romainberg.com Open in urlscan Pro
68.66.213.104 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

84 %
IPv6

17
Domains

23
Subdomains

23
IPs

5
Countries

2814 kB
Transfer

4051 kB
Size

5
Cookies

61 HTTP transactions
6 data transactions