dr-venture.com Open in urlscan Pro
108.167.183.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dr-venture.com/
Effective URL:
https://dr-venture.com/
Submission: On December 19 via manual (December 19th 2022, 4:26:34 pm UTC) from US — Scanned from DE

Summary HTTP 279 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 34 domains to perform 279 HTTP transactions. The main IP is 108.167.183.87, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is dr-venture.com.
TLS certificate: Issued by R3 on November 16th 2022. Valid for: 3 months.

This is the only time dr-venture.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 80	108.167.183.87 108.167.183.87	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
7	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a10:13c0:ef1... 2a10:13c0:ef1c::11	197816 (ETIX-EVER...) (ETIX-EVERYWHERE)
1	143.204.95.64 143.204.95.64	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
5	172.98.57.106 172.98.57.106	399647 (RUMBLE) (RUMBLE)
7	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1 28	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
10	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
5 8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 2	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1 1	96.16.147.165 96.16.147.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	108.128.89.252 108.128.89.252	16509 (AMAZON-02) (AMAZON-02)
1	52.49.220.212 52.49.220.212	16509 (AMAZON-02) (AMAZON-02)
1	54.217.203.96 54.217.203.96	16509 (AMAZON-02) (AMAZON-02)
1	52.215.10.98 52.215.10.98	16509 (AMAZON-02) (AMAZON-02)
279	39

80 108.167.183.87 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: gator4215.hostgator.com

dr-venture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a10:13c0:ef1c::11 (France)

ASN197816 (ETIX-EVERYWHERE, FR)

real-debrid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.95.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-64.fra50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.98.57.106 (Canada)

ASN399647 (RUMBLE, CA)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

s.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.inforsea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nv.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.230 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.147.165 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.128.89.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-89-252.eu-west-1.compute.amazonaws.com

t.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.220.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-220-212.eu-west-1.compute.amazonaws.com

pixel.inforsea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.203.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-203-96.eu-west-1.compute.amazonaws.com

vis.vi-serve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.10.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-10-98.eu-west-1.compute.amazonaws.com

call.inforsea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	dr-venture.com 1 redirects dr-venture.com	934 KB
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	581 KB
39	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 202 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 ad.doubleclick.net — Cisco Umbrella Rank: 161	192 KB
21	gstatic.com fonts.gstatic.com www.gstatic.com	224 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28664 ad4m.at — Cisco Umbrella Rank: 9760 assets.ad4m.at — Cisco Umbrella Rank: 37651	378 KB
13	vi-serve.com s.vi-serve.com — Cisco Umbrella Rank: 17692 t.vi-serve.com — Cisco Umbrella Rank: 17739 vis.vi-serve.com — Cisco Umbrella Rank: 18869 nv.vi-serve.com — Cisco Umbrella Rank: 23425	193 KB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 imasdk.googleapis.com — Cisco Umbrella Rank: 405 jnn-pa.googleapis.com — Cisco Umbrella Rank: 182	384 KB
10	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 73	826 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	327 KB
5	rumble.com rumble.com — Cisco Umbrella Rank: 17862	36 KB
3	inforsea.com pixel.inforsea.com — Cisco Umbrella Rank: 19547 player.inforsea.com — Cisco Umbrella Rank: 20287 call.inforsea.com — Cisco Umbrella Rank: 21395	41 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8549 www.google.de — Cisco Umbrella Rank: 6041	1 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 71689	732 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 73979	512 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 581	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 566	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1844	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 89292 static-de.ad4mat.net — Cisco Umbrella Rank: 126078	4 KB
2	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 27357	42 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 59744	639 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14058	696 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 90883	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 81505	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 690	338 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 309	463 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1546	352 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 759	716 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	17 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	699 B
1	w.org s.w.org — Cisco Umbrella Rank: 1409	867 B
1	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 7384	8 KB
1	real-debrid.com real-debrid.com — Cisco Umbrella Rank: 207960	44 KB
279	34

	Domain	Requested by
80	dr-venture.com	1 redirects dr-venture.com
37	tpc.googlesyndication.com	googleads.g.doubleclick.net dr-venture.com tpc.googlesyndication.com pagead2.googlesyndication.com
27	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net dr-venture.com
18	pagead2.googlesyndication.com	dr-venture.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	www.gstatic.com	googleads.g.doubleclick.net
10	www.youtube.com	dr-venture.com www.youtube.com
8	www.google.com	5 redirects dr-venture.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	dr-venture.com googleads.g.doubleclick.net
6	t.vi-serve.com	dr-venture.com
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	s.vi-serve.com	dr-venture.com s.vi-serve.com
5	rumble.com	dr-venture.com rumble.com
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	jnn-pa.googleapis.com	www.youtube.com
3	www.google-analytics.com	rumble.com www.google-analytics.com dr-venture.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	imasdk.googleapis.com	rumble.com imasdk.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	sp.rmbl.ws	dr-venture.com
1	call.inforsea.com	player.inforsea.com
1	nv.vi-serve.com	dr-venture.com
1	vis.vi-serve.com	s.vi-serve.com
1	player.inforsea.com	s.vi-serve.com
1	pixel.inforsea.com	dr-venture.com
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	dr-venture.com
1	a.tribalfusion.com	1 redirects
1	prod-rtb.ad4mat.net	dr-venture.com
1	www.google.de	dr-venture.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.doubleclick.net	www.youtube.com
1	s0.2mdn.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.w.org	dr-venture.com
1	z-na.amazon-adsystem.com	dr-venture.com
1	real-debrid.com	dr-venture.com
279	53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
youtube.com
twitter.com
teespring.com
www.amazon.com
paypal.me
real-debrid.com

Subject Issuer	Validity	Valid
dr-venture.com R3	`2022-11-16` - `2023-02-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
real-debrid.com DigiCert SHA2 Extended Validation Server CA	`2022-05-24` - `2023-06-24`	a year	crt.sh
ws-na.assoc-amazon.com Amazon	`2022-01-17` - `2023-01-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-12` - `2023-12-09`	a year	crt.sh
*.vi-serve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-10` - `2023-08-30`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sp.rmbl.ws R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.inforsea.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-09` - `2023-03-28`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://dr-venture.com/
Frame ID: 3B10DF64DB60EE47614B99FED8F21148
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: ADA498B3A3DCB1FD36A337968AB682A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&adk=1812271804&adf=3025194257&lmt=1671467187&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fdr-venture.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467186645&bpp=6&bdt=670&idt=373&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6918969211467&frm=20&pv=2&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=398
Frame ID: 8FE7CF711508C61B9D2A60DA8894EC5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=280&adk=3539277281&adf=4047435374&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1671467187&rafmt=1&to=qs&pwprc=5211295787&format=1200x280&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467186651&bpp=2&bdt=676&idt=395&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QQ260qtLVo&p=https%3A//dr-venture.com&dtd=398
Frame ID: 7AD75CB73DA0FE00967A40E744B4AD05
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
Frame ID: 354086AA842C9FCDCEBAB663E34EC6E4
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 4A73A965AFC95B959DA10D5BB30A8F8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 24E13B3035AC4A95548648D76D08E8F2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=2059675521&adf=1340942327&pi=t.aa~a.2191923801~rp.4&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0glqHDoQw&p=https%3A//dr-venture.com&dtd=19
Frame ID: 11849026770954670C2CD7F787B27A54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=592268767&adf=783291480&pi=t.aa~a.2723371507~rp.1&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kYVASgQe4w&p=https%3A//dr-venture.com&dtd=23
Frame ID: 7E1656D50FED4FA5408FB0AD6CF81DB4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: FA1CFAA94CA8D326E0E4BD81392F423B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5C13B57ABBA04A7C657D330C41B2C884
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: DF3509208F0B93C9F8BDF07F55E8561B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: AC6C7923A40877287FE00C7B180EBEE1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: E10DBBB99E5C583157B3B9F465FC4D14
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 902CB7561769163222BE6495B605BEEE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 96E2416B0934B3412B93BAE8FE81D60D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 49635FD6B6E5A44E7EE6553FE0C906AB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8B5B62BC042E2E13547F058E9C5AD3EF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 032A104E81391AF9EB3E02B158998947
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CSFrBtJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTEAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnjK-_svbMyfKxkDpxS-c4exYsFqu8szSuZgvgyq0KYctXEuxIHY6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkxNDYwMzA3MDkyMTAxNDkYAA&sigh=RzHUpDaRROg&uach_m=[UACH]&cid=CAQSOwDq26N999mDA6k6kk1Izi06OkEEhnOoo_FjP2JletRui3vJJ61i9Z2tjwbm7oblD4rtjwyi6H2EQH5EGAEgEw
Frame ID: 26B7BA1D7C2B754190F163FE35959B6B
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ks3t3rfxemfz7n64y8gd6cr661rdae45n5ff7neqkzpprtcsnry3zk0rnp8e5t9swnc1v90qnz7fqxpeccc7ysmn2bnwp46ywatndcd87szee2vt4m42awn1w0vbvrkejexye6t075gcvasgprj523ss5a2mkhr7c2ghwax0dbyztc1nn6z8r9z1xhf32pwhs3gps19eg6knvp00f78qdxzj0ph54e2wb0qvq5fg5adnhvzv9g899wyfte7tqevg255bfjj8y6pc3h0375cxm66yfpmsz88dw95rcfmdcjxqfdxbw0zm70fr0939q1bykfv5v5cwg4d67dt04ksn2ccj43pcmzsn60pg7csy2230qm3q2zcb62n2rnt0s83g1nn6rheba8whr5gt53k1115yxgv9vrvwkv4dw02tmm33dxcr2g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%26client%3Dca-pub-9146030709210149%26adurl%3D
Frame ID: 5BB336C24D5686DB2362F22EE179631C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 55F45A107B62B269665345718F399BAB
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C80CEB3AA1DF78E177765F33A752C9BD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Frame ID: 5A092FFD4498BBA07FAC1107D3CE0D3C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html
Frame ID: 26AEA58F1C7A9DD1FC41BCBAD134D137
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=COBMAtJCgY5f9GaPTtOUP58-OkAmDg_Kbbc-c6de1ELCQHxABIIqB_ytglcKmgrAHoAGtjcLBAsgBCakCDqtjOsnLsT6oAwHIA0iqBNMBT9BqwMrEIDtPQbt1qWGNRFfcGy1TZ-URC3JY7PHISt57CrN-bI8kbnQFTckjDBOzy_nphczoMiwawyr5A6Du_IeyeeB0DRF6rlQPR6qOJ3AgZKt1TreWot1vkqXjzcA89kkjAOPo5vsimcb-PzkKjAH7MK3cz74yHx0h7YMJMfHIGsCIa_UIuX1BWhwfNwl1CsWYR1AHhkIDPpfqShmvcr3W9JITHeI0SKHemmdxvepfSTIBV8ejpxAcOLuC9BxeSp4dkR-j63uaJC3RcJiBYuaSz8AEpsnIwYwEkgUECAQYAZIFBAgFGASgBi6AB-nZjWqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCb4hbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi05MTQ2MDMwNzA5MjEwMTQ5GAA&sigh=NeYRo7We_Xs&uach_m=[UACH]&cid=CAQSOwDq26N9Jipq0A5QIJiyZ4NfHfo4EnadcuHs4yPafEprxWoDFV9Z8vfgSUAGrYH0I9ID0Mw2qDy3ohD1GAEgEw&template_id=419
Frame ID: 109452481CEB5E65902BA3F260806F4C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: 394D1BA9148C10BAD73366457C3E681B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Frame ID: F718045E348319CED43D6AC40A24115D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ACB4CB4CC656EEC3D2AA1E5AB78FEE16
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7FE91937C4385F20366E3F243B12CF3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home · Dr. Venture

Page URL History Show full URLs

http://dr-venture.com/ HTTP 301
https://dr-venture.com/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

279
Requests

96 %
HTTPS

54 %
IPv6

34
Domains

53
Subdomains

39
IPs

8
Countries

4257 kB
Transfer

12949 kB
Size

26
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/groups/1kodisource
Title: Facebook-f

Search URL Search Domain Scan URL

URL: https://www.facebook.com/andclickit
Title: Facebook-f

Search URL Search Domain Scan URL

URL: http://youtube.com/drventure
Title: Youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/DrVentureYTube
Title: Twitter

Search URL Search Domain Scan URL

URL: https://teespring.com/stores/dr-venture-2
Title: Shopping-cart

Search URL Search Domain Scan URL

URL: https://www.amazon.com/shop/dr.venture
Title: Amazon

Search URL Search Domain Scan URL

URL: http://paypal.me/drventure
Title: Donations

Search URL Search Domain Scan URL

URL: http://real-debrid.com/?id=2691303

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dr-venture.com/ HTTP 301
https://dr-venture.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 195

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 196

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 199

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 209

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDeT9absloOjIJCytTSLw3w&google_cver=1&google_push=AavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDeT9absloOjIJCytTSLw3w&google_cver=1&google_push=AavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 210

https://um.simpli.fi/gp_match?google_gid=CAESEBaHUqCzvNsYJZORggSG-Is&google_cver=1&google_push=AavPq0PaZms92TbWjaqjHYtXd5zaucVqEXR934novEuOKmYuriH056f2Y_hs1iTuZFgQbJEoc80kJqqdl1ymNyGhtMikj74w4qXge4o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=93EF89FEC9FA4325B99FABC3F035BD0A&google_push=AavPq0PaZms92TbWjaqjHYtXd5zaucVqEXR934novEuOKmYuriH056f2Y_hs1iTuZFgQbJEoc80kJqqdl1ymNyGhtMikj74w4qXge4o

Request Chain 211

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC3hvUE58Ipr98rIYUFvP6Q&google_cver=1&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5txlEJHEU_GtM9LYiuuVnCT8XnSw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC3hvUE58Ipr98rIYUFvP6Q&google_cver=1&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5txlEJHEU_GtM9LYiuuVnCT8XnSw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5OTc3NTkwMTQzNTk5NDMzOQ&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5txlEJHEU_GtM9LYiuuVnCT8XnSw

Request Chain 213

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO6cRtREAu9dxzYFFY6SH8A&google_cver=1&google_push=AavPq0PP_hTOXMSY4maE4uM6po26yvTGtMP8vmqp5Fo2g8iB5oICy6lLNbH2FQbNClM6AdrtTxC2UV8GvhRCQ6ufp1LnIBZltYbZ7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWMEVQOU8tMTQtRUhYWA==&google_push=AavPq0PP_hTOXMSY4maE4uM6po26yvTGtMP8vmqp5Fo2g8iB5oICy6lLNbH2FQbNClM6AdrtTxC2UV8GvhRCQ6ufp1LnIBZltYbZ7Q

Request Chain 214

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELhO2NbZweleKZOT9OnxRFc&google_cver=1&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmtM6nLpZMOTxNYFI HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELhO2NbZweleKZOT9OnxRFc&google_cver=1&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmtM6nLpZMOTxNYFI&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmtM6nLpZMOTxNYFI&google_hm=F186qGZHzNsa4Lq_TWeIn06k

Request Chain 215

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHTLk50yLY5H7kErNRtIZRM&google_cver=1&google_push=AavPq0OABgVToXFSg89_-Uf6AozXkn5Sio7iuomwfXoBY4rIcbY-IVXdZbzNhiHk15Qxho3s6akwuVFBvJjMEvj2MhICXnKgMAWADg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OABgVToXFSg89_-Uf6AozXkn5Sio7iuomwfXoBY4rIcbY-IVXdZbzNhiHk15Qxho3s6akwuVFBvJjMEvj2MhICXnKgMAWADg

Request Chain 230

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNnQ2MCMhvwCFYeZdwodIvcFeA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218

Request Chain 233

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COTX2MCMhvwCFRnFdwod18EBng;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121917262979653849765X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 236

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1671467189_e45c6091-7fb9-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

279 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dr-venture.com/
Redirect Chain

http://dr-venture.com/
https://dr-venture.com/

71 KB
20 KB

745ms
514ms

Document
text/html

108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 33594c17b6d9ff594fd7314b2ef736acd49253d65476f283e18bde4552e436c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 16:26:25 GMT
link: <https://dr-venture.com/wp-json/>; rel="https://api.w.org/", <https://dr-venture.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json", <https://dr-venture.com/>; rel=shortlink
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-ua-compatible: IE=edge

Redirect headers

Connection: Upgrade, Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Dec 2022 16:26:24 GMT
Keep-Alive: timeout=5, max=75
Location: https://dr-venture.com/
Server: Apache
Upgrade: h2,h2c
X-Endurance-Cache-Level: 0
X-Redirect-By: WordPress
X-UA-Compatible: IE=edge
X-nginx-cache: WordPress

GET
H2 200 style.min.css
dr-venture.com/wp-includes/css/dist/block-library/ 93 KB
17 KB 249ms
244ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 15 Nov 2022 21:37:32 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes

GET
H2 200 wc-blocks-vendors-style.css
dr-venture.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 10 KB
3 KB 125ms
119ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 2985

GET
H2 200 wc-blocks-style.css
dr-venture.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 231 KB
49 KB 134ms
128ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 4c0c4ac934e1f5065090ad406d769f40c5f5028331e9f504bcd9714047d238e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes

GET
H2 200 classic-themes.min.css
dr-venture.com/wp-includes/css/ 217 B
246 B 247ms
242ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 08 Nov 2022 16:43:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 189

GET
H2 200 woo-mini-cart.min.css
dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/ 6 KB
2 KB 129ms
124ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/woo-mini-cart.min.css?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 818feb14a6479f4bef8582e0a6a3efaf784ca857e9ba45e633bd22e05214eadb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 1579

GET
H2 200 all.min.css
dr-venture.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/ 58 KB
13 KB 249ms
243ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: c493875ea907c37e2ef7b9560f75ad5dd918121a0f42889eda351ccab0373eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 12867

GET
H2 200 simple-line-icons.min.css
dr-venture.com/wp-content/themes/oceanwp/assets/css/third/ 11 KB
3 KB 248ms
242ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: fe41a7936fba4a26a21face5fbb35961e74b9b11eb9e78fa26560f6986be6ed8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 2692

GET
H2 200 style.min.css
dr-venture.com/wp-content/themes/oceanwp/assets/css/ 172 KB
43 KB 249ms
244ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: ac78c8f735e2d541abe25e0234b8ea6796d53e1c0bd8c325b9298c82884e9bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes

GET
H2 200 21a8b7b8cc7bffe49a634c4d44de543d.css
dr-venture.com/wp-content/uploads/oceanwp-webfonts-css/ 231 B
255 B 247ms
242ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/uploads/oceanwp-webfonts-css/21a8b7b8cc7bffe49a634c4d44de543d.css?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: a5f0389b387adbc47c850a6f005a0a899515e41263d9c990d2dc9170bbd83588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 19 Dec 2022 16:26:25 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 198

GET
H2 200 style.css
dr-venture.com/wp-content/plugins/newsletter/ 6 KB
2 KB 248ms
243ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/newsletter/style.css?ver=7.5.9
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 16 Dec 2022 13:03:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 1845

GET
H2 200 elementor-icons.min.css
dr-venture.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 360ms
355ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 4008

GET
H2 200 frontend-legacy.min.css
dr-venture.com/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 359ms
354ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 81aa28e1d4f2269c39cd849f8b3189a7d738745711549a5f0218b1bba8264c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 1059

GET
H2 200 frontend.min.css
dr-venture.com/wp-content/plugins/elementor/assets/css/ 135 KB
26 KB 447ms
442ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 0a2826f5675bb03987c50fc19764f29d51e8cce8361a4ba175064458d8773955

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes

GET
H2 200 post-473.css
dr-venture.com/wp-content/uploads/elementor/css/ 1 KB
503 B 359ms
355ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/uploads/elementor/css/post-473.css?ver=1671066249
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: a7d633c875988334aa4ea7cba2e67041543451a5b6006c8f35147496eee628f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:04:09 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 446

GET
H2 200 frontend.min.css
dr-venture.com/wp-content/plugins/elementor-pro/assets/css/ 396 KB
60 KB 446ms
442ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: a5788f5868215bfccb5f254bb3117dac43e8dba4467bdaf42183765badc49cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:04:08 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes

GET
H2 200 all.min.css
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 446ms
441ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 12862

GET
H2 200 v4-shims.min.css
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 360ms
357ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 4436

GET
H2 200 global.css
dr-venture.com/wp-content/uploads/elementor/css/ 57 KB
5 KB 361ms
357ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/uploads/elementor/css/global.css?ver=1671066250
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: cd689d9f8e942eb70920a27adcbd2cbe84e0ccbfd3daf59aa57d952d8ebb987f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:04:10 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 5529

GET
H2 200 post-12.css
dr-venture.com/wp-content/uploads/elementor/css/ 4 KB
1 KB 360ms
356ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/uploads/elementor/css/post-12.css?ver=1671066389
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 822fabf0a2a298fbc76858f1fb0b1a16237afb8aa98d28a0a95357c09c1783d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:06:29 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 977

GET
H2 200 woocommerce.min.css
dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/ 94 KB
24 KB 398ms
394ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/woocommerce.min.css?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 95cead66ac9a869984cf2c615ddcae6c1ca46c77f75e32d644fa465086675e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes

GET
H2 200 woo-star-font.min.css
dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/ 2 KB
679 B 447ms
444ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/woo-star-font.min.css?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 04866acb939ad09defe832c7cc73ee7aba1a09b90a5f84c6b7936aa41d7c1167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 645

GET
H2 200 woo-quick-view.min.css
dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/ 5 KB
2 KB 446ms
443ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/woo/woo-quick-view.min.css?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 44835f625dd9869935218f678329b6d2ea92eebabfefcae0dde7318a8fbf6f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 1692

GET
H2 200 ytprefs.min.css
dr-venture.com/wp-content/plugins/youtube-embed-plus/styles/ 8 KB
2 KB 459ms
456ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.4.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 6c9e9bd4e992b05389236894daba31e34cc03e95c1dcb18fdb229087df1606c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 01 Nov 2022 01:05:11 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 2233

GET
H2 200 widgets.css
dr-venture.com/wp-content/plugins/ocean-extra/assets/css/ 50 KB
9 KB 444ms
441ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: c56e851a0803c43ff8adb5caeb0caf6439a99d0991deceff878a4124dca317d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 19:20:47 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 9366

GET
H2 200 css
fonts.googleapis.com/ 43 KB
2 KB 141ms
58ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPermanent+Marker%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42e93f4942e058686557340578ff028bad3d4696e0533b0714b3c8ab461685a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 16:26:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:26:26 GMT

GET
H2 200 fontawesome.min.css
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 444ms
442ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 12577

GET
H2 200 brands.min.css
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 675 B
342 B 445ms
442ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 308

GET
H2 200 solid.min.css
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
343 B 360ms
357ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 309

GET
H2 200 jquery.min.js Show response
dr-venture.com/wp-includes/js/jquery/ 88 KB
39 KB 458ms
456ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 08 Nov 2022 16:43:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 jquery-migrate.min.js Show response
dr-venture.com/wp-includes/js/jquery/ 11 KB
5 KB 446ms
444ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 31 Dec 2020 03:06:53 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 4618

GET
H2 200 v4-shims.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 444ms
443ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 4359

GET
H2 200 ytprefs.min.js Show response
dr-venture.com/wp-content/plugins/youtube-embed-plus/scripts/ 13 KB
6 KB 444ms
443ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.4.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: b44b18e9a6cced6ba24a25855c23095283dba1ddfad87bc68859d87463eac07f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 01 Nov 2022 01:05:11 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 5754

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 103ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9146030709210149

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82bff6c6a46f8cad8fffffc5bd48b783422332110666c3a03483c6d7f0b94565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Origin: https://dr-venture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49518
x-xss-protection: 0
server: cafe
etag: 17828971635051863288
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 16:26:26 GMT

GET
H2 200 wp-emoji-release.min.js Show response
dr-venture.com/wp-includes/js/ 18 KB
5 KB 248ms
245ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 03 Jun 2022 01:47:42 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 5321

GET
H2 200 en.png
real-debrid.com/static/images/banner/ 44 KB
44 KB 113ms
51ms Image
image/png 2a10:13c0:ef1c::11
ETIX-EVERYWHERE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://real-debrid.com/static/images/banner/en.png

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a10:13c0:ef1c::11 , France, ASN197816 (ETIX-EVERYWHERE, FR),

Reverse DNS

Software

Resource Hash

97eec7f66cd1aa163ae5aa3222724d4c95dd9609e0c58fc47880ecf437f6423e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
referrer-policy: origin
last-modified: Tue, 15 Mar 2022 11:33:35 GMT
etag: "6230798f-ae35"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 44597
x-xss-protection: 1; mode=block
expires: Wed, 18 Jan 2023 16:26:26 GMT

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 25 KB
8 KB 457ms
394ms Script
application/javascript 143.204.95.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=58a9c1cf-f5e9-42ac-8668-a98cdc8acb8e
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-64.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 28900abcde1856c660faad313bf08bf7a4422c455e556c3c686f219257194f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: Public
date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
content-length: 8217
x-amz-cf-id: ZWelAewpU4mhkoorbEo5xmuU5-MMDx_d2OaYABx-62ScuZ0fxzL_eg==
expires: Mon, 19 Dec 2022 16:31:26 GMT

GET
H2 200 animations.min.css
dr-venture.com/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 120ms
119ms Stylesheet
text/css 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: text/css
accept-ranges: bytes
content-length: 2997

GET
H2 200 jquery.blockUI.min.js Show response
dr-venture.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 118ms
118ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 3949

GET
H2 200 add-to-cart.min.js Show response
dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 126ms
117ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1203

GET
H2 200 js.cookie.min.js Show response
dr-venture.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 127ms
118ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1000

GET
H2 200 woocommerce.min.js Show response
dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
826 B 139ms
130ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 792

GET
H2 200 cart-fragments.min.js Show response
dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/ 3 KB
1 KB 142ms
132ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1093

GET
H2 200 imagesloaded.min.js Show response
dr-venture.com/wp-includes/js/ 5 KB
2 KB 129ms
119ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Oct 2020 01:44:14 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 2103

GET
H2 200 theme.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/ 19 KB
6 KB 135ms
126ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/theme.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: be5a9e7bcbc5af3b986767a8193c1d9dbb9c7bd2368ba33c25eff7bd7a76987a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 6113

GET
H2 200 drop-down-mobile-menu.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/ 14 KB
4 KB 132ms
123ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/drop-down-mobile-menu.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 7c345ef59fb2b287237939e1cc8cc92028711602334db6d338990a01676f8e45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 4428

GET
H2 200 magnific-popup.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/vendors/ 20 KB
9 KB 131ms
122ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 9206

GET
H2 200 ow-lightbox.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/ 4 KB
2 KB 136ms
128ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/ow-lightbox.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 6678f5308a4fd9620f440c3e6433920f9a09a9d6465a13888d9638aa23d70191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1587

GET
H2 200 flickity.pkgd.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/vendors/ 56 KB
20 KB 229ms
221ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/vendors/flickity.pkgd.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 66dd4e5c21b276f0f6302f05a0acfaec62edc461993593a028dd7113923f704f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 ow-slider.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/ 2 KB
979 B 211ms
202ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/ow-slider.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: b817c9b9bb557b34222c4598548f3569a7c8f2bb30b796a6c92d47dd740e4271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 945

GET
H2 200 scroll-effect.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/ 12 KB
4 KB 212ms
204ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/scroll-effect.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 6ece33be05682148470133b0321834dad4007cf718bcf4242115472bf5c0a73d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 3913

GET
H2 200 scroll-top.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/ 9 KB
3 KB 219ms
211ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/scroll-top.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: b27375090fa7a6b1b7953505ccce5ff008db3c23196579db5749f71f0f485304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 2840

GET
H2 200 select.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/ 5 KB
2 KB 221ms
213ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/select.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: d05f3a54518cd3ac3a4e9b4cf8c5f0deab037e659299f66a534d00fe10618b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1671

GET
H2 200 woo-custom-features.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/wp-plugins/woocommerce/ 26 KB
8 KB 222ms
214ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/wp-plugins/woocommerce/woo-custom-features.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: ae7653925acd2561dd4af55993a5a68381e8a2c64bfb3843ffb6b03137febeba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 8579

GET
H2 200 woo-quick-view.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/wp-plugins/woocommerce/ 37 KB
14 KB 225ms
218ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/wp-plugins/woocommerce/woo-quick-view.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: fa83d88daa21aed351bbb2337059e617218514443dbc4a8997af406a98bf3460

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 14428

GET
H2 200 underscore.min.js Show response
dr-venture.com/wp-includes/js/ 18 KB
8 KB 226ms
219ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 08 Nov 2022 16:43:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 8305

GET
H2 200 wp-util.min.js Show response
dr-venture.com/wp-includes/js/ 1 KB
792 B 224ms
217ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/wp-util.min.js?ver=6.1.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 08 Nov 2022 16:43:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 758

GET
H2 200 add-to-cart-variation.min.js Show response
dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/ 14 KB
5 KB 220ms
213ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=7.2.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: bf8c713d2545b889e4ce9390e47c47a4a146649320f91ca11006bc948944ec4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 4617

GET
H2 200 jquery.flexslider.min.js Show response
dr-venture.com/wp-content/plugins/woocommerce/assets/js/flexslider/ 22 KB
8 KB 222ms
215ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.7.2.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 14626e6a31e0abd24d5c6c12e5d2643263a6a4943a6d2e80f8cfaa1a122e3428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 09:37:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 8510

GET
H2 200 woo-mini-cart.min.js Show response
dr-venture.com/wp-content/themes/oceanwp/assets/js/wp-plugins/woocommerce/ 11 KB
4 KB 219ms
213ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/js/wp-plugins/woocommerce/woo-mini-cart.min.js?ver=3.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: f7110646817c23ad841973838ce6adf0e546c749ddbefe1ac8b9a5130fccfa4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 3682

GET
H2 200 fitvids.min.js Show response
dr-venture.com/wp-content/plugins/youtube-embed-plus/scripts/ 3 KB
1 KB 216ms
210ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.4.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 01 Nov 2022 01:05:11 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1120

GET
H2 200 webpack-pro.runtime.min.js Show response
dr-venture.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 216ms
210ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 2ac429a18eaa50df6c5301709aa0a7d1f6f517557d1964307fae83ea119f55df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:04:08 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 2502

GET
H2 200 webpack.runtime.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 217ms
211ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 18f36558effb7463469e4087110bf188536e4942a0e3be8739d7ecab34fab4de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 2313

GET
H2 200 frontend-modules.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/js/ 31 KB
12 KB 223ms
217ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 132858a7a793814411def5f66c77fb9be9436be9bb8be5b8a55ca16630aaaa78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 12649

GET
H2 200 regenerator-runtime.min.js Show response
dr-venture.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 225ms
220ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 03 Jun 2022 01:47:42 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 2675

GET
H2 200 wp-polyfill.min.js Show response
dr-venture.com/wp-includes/js/dist/vendor/ 17 KB
8 KB 227ms
221ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 08 Nov 2022 16:43:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 7621

GET
H2 200 hooks.min.js Show response
dr-venture.com/wp-includes/js/dist/ 5 KB
2 KB 220ms
215ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 03 Jun 2022 01:47:42 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1712

GET
H2 200 i18n.min.js Show response
dr-venture.com/wp-includes/js/dist/ 10 KB
4 KB 250ms
244ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 08 Nov 2022 16:43:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 4233

GET
H2 200 frontend.min.js Show response
dr-venture.com/wp-content/plugins/elementor-pro/assets/js/ 21 KB
8 KB 250ms
245ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: b4edb1f7ee778f9d08fbbc4ca5425f55c7be20b9f2cb400352bbcec8d22e8e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:04:08 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 7624

GET
H2 200 waypoints.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 225ms
220ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 3747

GET
H2 200 core.min.js Show response
dr-venture.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 249ms
245ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 08 Nov 2022 16:43:49 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 8344

GET
H2 200 swiper.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
46 KB 251ms
246ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 share-link.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 249ms
245ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1187

GET
H2 200 dialog.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 232ms
228ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 4200

GET
H2 200 frontend.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/js/ 40 KB
16 KB 250ms
246ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 883dff47fea6a3a5858d9fc03d0fdca51571bf1c25153c45725fdef2a89c0f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 16214

GET
H2 200 preloaded-elements-handlers.min.js Show response
dr-venture.com/wp-content/plugins/elementor-pro/assets/js/ 140 KB
49 KB 250ms
246ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 8291de041583fb3d7ede573ad981768436707bfda8d8f1f658ce0509adc19da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:04:08 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 preloaded-modules.min.js Show response
dr-venture.com/wp-content/plugins/elementor/assets/js/ 42 KB
17 KB 249ms
246ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: c9f8ab9f8bfaf9dee0b5b375738cb4bde8bcfb26a1c403f1de1bae56bb021e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 16877

GET
H2 200 jquery.sticky.min.js Show response
dr-venture.com/wp-content/plugins/elementor-pro/assets/lib/sticky/ 4 KB
2 KB 247ms
244ms Script
application/javascript 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.9.1
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 15 Dec 2022 01:04:08 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/javascript
accept-ranges: bytes
content-length: 1689

GET
H2 200 Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
fonts.gstatic.com/s/permanentmarker/v16/ 29 KB
29 KB 145ms
63ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPermanent+Marker%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dr-venture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:22:37 GMT
x-content-type-options: nosniff
age: 371029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 17:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 09:22:37 GMT

GET
H2 200 / Show response
rumble.com/embedJS/u2kir9.vgsjlv/ 17 KB
8 KB 423ms
142ms Script
application/javascript 172.98.57.106
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embedJS/u2kir9.vgsjlv/?url=https%3A%2F%2Fdr-venture.com%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22vgsjlv%22%2C%22div%22%3A%22rumble_vgsjlv%22%7D%5D

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.106 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

d8ae0e56e78597d6360e0414333c797e5d978960dccf9d1ff9ea8b523b526bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private,max-age=1
link: <https://rumble.com/vjepr5-real-debrid-service-set-up-clickit.html>; rel="canonical"

GET
H2 200 booyadrv.jpg
dr-venture.com/wp-content/uploads/2018/10/ 73 KB
73 KB 207ms
206ms Image
image/jpeg 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dr-venture.com/wp-content/uploads/2018/10/booyadrv.jpg
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/wp-content/uploads/elementor/css/post-12.css?ver=1671066389
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 396cce6d977e08c42a8b3c661f82a15c423a599ba15278216b083f27a497fa6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/wp-content/uploads/elementor/css/post-12.css?ver=1671066389
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
x-nginx-cache: WordPress
last-modified: Fri, 19 Oct 2018 17:44:49 GMT
server: Apache
x-endurance-cache-level: 0
content-type: image/jpeg
accept-ranges: bytes
content-length: 74298

GET
H2 200 fa-brands-400.woff2
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 215ms
213ms Font
font/woff2 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.9.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.9.1
Origin: https://dr-venture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
x-endurance-cache-level: 0
content-type: font/woff2
accept-ranges: bytes
content-length: 76764

GET
H2 200 fa-solid-900.woff2
dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 208ms
206ms Font
font/woff2 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.9.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://dr-venture.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.9.1
Origin: https://dr-venture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
x-nginx-cache: WordPress
last-modified: Wed, 14 Dec 2022 21:37:36 GMT
server: Apache
x-endurance-cache-level: 0
content-type: font/woff2
accept-ranges: bytes
content-length: 78196

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 105ms
30ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dr-venture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 420806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:33:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 114ms
39ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dr-venture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:34:12 GMT
x-content-type-options: nosniff
age: 420734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:34:12 GMT

GET
H2 200 Simple-Line-Icons.woff2
dr-venture.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 29 KB
30 KB 206ms
206ms Font
font/woff2 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: gator4215.hostgator.com
Software: Apache /
Resource Hash: 104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Request headers

Referer: https://dr-venture.com/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Origin: https://dr-venture.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
x-nginx-cache: WordPress
last-modified: Fri, 11 Nov 2022 20:36:20 GMT
server: Apache
x-endurance-cache-level: 0
content-type: font/woff2
accept-ranges: bytes
content-length: 30064

GET
H2 200 tagLoader.js Show response
s.vi-serve.com/ 2 KB
2 KB 1815ms
1623ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/tagLoader.js
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: e2050ed4a8ab3f74cc1a26ef380fdacc9004ec320d33bb088fccdbeef36cb657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvvCc3STzOxPcC5kaYmSmpkGVV6f1zjbkRSRLrXCbHx4mGIMqnPBAtgChTE7XOMllaLiVWYDM4voGbyZk_1WOmLmQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 664
x-sp-metadata: HS256.CMK9gp0GEocBCiQyYTAwNmJhOC1iNjVjLTRkMzUtYjVkMi1hNmM0MzE5ZDQ1MGYQ8L6g2bHx+QIaBgiyoYKdBiIMMzcuNTguNTguMjQzKNCWAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkMzVmMGRkYjAtN2ZjNS00MjRjLWE5ZTktMThiNjMwM2RmMTMzGJgFIhgIAhIUY2RzMjgwLmZyOC5od2Nkbi5uZXQ=.YRgIIUzTj1RnXztoiI9IJkYO1pMW+zZSc3ulhd/w3+I=
last-modified: Tue, 13 Sep 2022 09:35:47 GMT
server: UploadServer
etag: "b8424eae082287ec8a897dd5ef0325d7"
access-control-max-age: 86400
x-goog-generation: 1663061747521540
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=KGZ3hA==, md5=uEJOrggih+yKiX3V7wMl1w==
cache-control: private, max-age=0, max-age=300, must-revalidate
x-hw: 1671467186.dop097.fr8.t,1671467186.cds161.fr8.hn,1671467186.cds280.fr8.c
x-goog-stored-content-length: 1969
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 119ms
87ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9146030709210149&plah=dr-venture.com&bust=31071250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9146030709210149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

735b3be23232701a18d29f7f71b6a4438d0ce347329596ff4493693409d80d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120012
x-xss-protection: 0
server: cafe
etag: 1900675727660566081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 16:26:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame ADA4 10 KB
5 KB 54ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9146030709210149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 14:00:25 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 14:00:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1f609.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
867 B 29ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f609.svg

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 / Show response
dr-venture.com/ 2 KB
793 B 305ms
304ms XHR
application/json 108.167.183.87
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dr-venture.com/?wc-ajax=get_refreshed_fragments&elementor_page_id=12

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.167.183.87 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),

Reverse DNS

gator4215.hostgator.com

Software

Apache /

Resource Hash

06ab43549ce481a78bded48c690a7f7454951077e3f82277a59fc73c9e001f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://dr-venture.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

expires: Wed, 11 Jan 1984 05:00:00 GMT
date: Mon, 19 Dec 2022 16:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-nginx-cache: WordPress
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 0
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dr-venture.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 597
x-ua-compatible: IE=edge

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 72ms
33ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f05d878ed95db8473d919873ef9f9c66d990a41126362ed39a11eb9715204f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 19 Dec 2022 16:26:26 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ 77 KB
28 KB 136ms
136ms Script
application/javascript 172.98.57.106
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=334

Requested by

Host: rumble.com
URL: https://rumble.com/embedJS/u2kir9.vgsjlv/?url=https%3A%2F%2Fdr-venture.com%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22vgsjlv%22%2C%22div%22%3A%22rumble_vgsjlv%22%7D%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.106 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

fd257c43a28b7a8c1f06f8dd386a062c2c5ddde288c9f6560140c4a398cafa3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:26 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br
last-modified: Wed, 14 Dec 2022 13:49:20 GMT
server: nginx
etag: W/"6399d460-13390"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000

GET
H2 200 HZw8b.EvCc-small-Real-Debrid-Service-Set-up-.jpg
sp.rmbl.ws/s8/1/H/Z/w/8/ 42 KB
42 KB 104ms
11ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/H/Z/w/8/HZw8b.EvCc-small-Real-Debrid-Service-Set-up-.jpg
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 626fac48c1563270e97696f67537652210083112b27c056b36d78d6a5026b509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:27 GMT
x-sp-metadata: HS256.CMO9gp0GEocBCiRhYmNmMjQ2ZC1iNWQzLTQwY2ItOGZiMy03MGY3NjYzMDY5ZmIQiJ+c85jj+wIaBgizoYKdBiIMMzcuNTguNTguMjQzKJqqAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkMDZmYjk4NjMtNWU2Yi00N2FlLWJmMmEtNDk1Mzc4MjMyZGE4GPvNAiIYCAISFGNkczE2NC5mcjguaHdjZG4ubmV0.Q3A1umKnkcq0i5qIgsU4PXev4wqLNMbS1nx/uXU9jxc=
last-modified: Sun, 04 Jul 2021 15:59:51 GMT
server: nginx
etag: "89e29a3bee964c437abae72baef4aae8"
x-hw: 1671467187.cds276.fr8.hn,1671467187.cds164.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=66531
accept-ranges: bytes
content-length: 42747

GET
H2 206 HZw8b.caa.mp4
sp.rmbl.ws/s8/2/H/Z/w/8/ 851 KB
0 109ms
20ms Media
video/mp4 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/H/Z/w/8/HZw8b.caa.mp4?u=2kir9&b=0
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash

Request headers

Referer: https://dr-venture.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 19 Dec 2022 16:26:27 GMT
x-sp-metadata: HS256.CMO9gp0GEocBCiRlZDczYjQwYi1hMzEyLTQ0NTYtODFkNC1mNDg5YWY5YmMzNTIQiJ+c85jj+wIaBgizoYKdBiIMMzcuNTguNTguMjQzKJqqAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGi0IARIkN2Q4MDhhYmItOWI2ZS00MWJhLWFjYjQtM2FjNDA2Yjk3MWZhGKGdnSUiGAgCEhRjZHMwNTQuZnI4Lmh3Y2RuLm5ldA==.FhUpwPqtcx8PlLf6qKj7vxN0f2ru9lcS+GzWPi31p4A=
last-modified: Sun, 04 Jul 2021 16:03:07 GMT
server: nginx
etag: "ba5508858160fabee25849cef9f897c5"
x-hw: 1671467187.cds276.fr8.hn,1671467187.cds054.fr8.pc
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-78073504/78073505
cache-control: max-age=84308
accept-ranges: bytes
Content-Length: 78073505

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/34f9b71c/www-widgetapi.vflset/ 162 KB
53 KB 47ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b04406ab28a88a04e286448850d93efe32d0ae95a20e675ba191d0b9a3be9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:25:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54193
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Dec 2023 13:25:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
699 B 112ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=dr-venture.com&callback=_gfp_s_&client=ca-pub-9146030709210149&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9146030709210149&plah=dr-venture.com&bust=31071250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e04f14dd4bcaa0c53ed4f6413004e3fd8e6ee6555d2d8fed7faef304d4f476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 179ms
73ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dr-venture.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 172ms
77ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dr-venture.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FE7 462 KB
77 KB 1165ms
1135ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&adk=1812271804&adf=3025194257&lmt=1671467187&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fdr-venture.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467186645&bpp=6&bdt=670&idt=373&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6918969211467&frm=20&pv=2&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=398

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73d2a8fcf9292509a74667b40fe3f9c46da8b8b96fd49f70aa57bb55dd7ca835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 78675
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:28 GMT
expires: Mon, 19 Dec 2022 16:26:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AD7 92 KB
33 KB 748ms
723ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=280&adk=3539277281&adf=4047435374&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1671467187&rafmt=1&to=qs&pwprc=5211295787&format=1200x280&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467186651&bpp=2&bdt=676&idt=395&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QQ260qtLVo&p=https%3A//dr-venture.com&dtd=398

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de57b295a57b37467fb719f67540c8a6da9229d349cec50a405c3adebed84ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:27 GMT
expires: Mon, 19 Dec 2022 16:26:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 SLQNzCt1JzQ Show response
www.youtube.com/embed/ Frame 3540 62 KB
27 KB 82ms
81ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c365bc96f65e0ea88341593cd90119fee6c0fcad6504e0ce0366a450293732c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view...gsjlv.1cggcbv
rumble.com/l/ 35 B
191 B 330ms
329ms Ping
image/gif 172.98.57.106
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...gsjlv.1cggcbv?p=2.3&r=107983593&ref=https%3A%2F%2Fdr-venture.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.106 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 19 Dec 2022 16:26:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
log-code: 3
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 372 KB
125 KB 351ms
289ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: rumble.com
URL: https://rumble.com/embedJS/u2kir9.vgsjlv/?url=https%3A%2F%2Fdr-venture.com%2F&args=%5B%22play%22%2C%7B%22video%22%3A%22vgsjlv%22%2C%22div%22%3A%22rumble_vgsjlv%22%7D%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Mon, 19 Dec 2022 16:26:27 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/34f9b71c/ Frame 3540 360 KB
49 KB 277ms
276ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 09:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49901
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Dec 2023 09:42:11 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/ Frame 3540 316 KB
98 KB 283ms
282ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1bc98f188a5797fcbe67ffd72028347b81fb7cafca30994789f953694e81c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100066
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 19 Dec 2023 11:47:05 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/ Frame 3540 2 MB
587 KB 281ms
280ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc630686190c6b0588372183c91c0981c79bfdbe03d7e019f581da24c48cedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600672
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 15 Dec 2023 19:36:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/ Frame 3540 9 KB
3 KB 294ms
292ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 18:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Dec 2023 18:08:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3540 15 KB
15 KB 333ms
31ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 09:20:58 GMT
x-content-type-options: nosniff
age: 284729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 09:20:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3540 15 KB
15 KB 337ms
36ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:15:01 GMT
x-content-type-options: nosniff
age: 324686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:15:01 GMT

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4A73 693 KB
222 KB 48ms
17ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 96044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 13:45:43 GMT
expires: Mon, 18 Dec 2023 13:45:43 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 308ms
95ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Dec 2022 16:26:28 GMT

POST
H2 200 a..2kir9.2kir9.gsjlv.c.2y.iwdjzw
rumble.com/l/ 35 B
191 B 134ms
134ms Ping
image/gif 172.98.57.106
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/a..2kir9.2kir9.gsjlv.c.2y.iwdjzw?p=2.3&r=107983593&ref=https%3A%2F%2Fdr-venture.com%2F&t=6&a=0&art=0&atype=0&et=790&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.106 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 19 Dec 2022 16:26:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
log-code: 3
content-type: image/gif

POST
H2 200 a..2kir9.2kir9.gsjlv.c.2y.iwdjzw
rumble.com/l/ 35 B
191 B 134ms
133ms Ping
image/gif 172.98.57.106
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/a..2kir9.2kir9.gsjlv.c.2y.iwdjzw?p=2.3&r=107983593&ref=https%3A%2F%2Fdr-venture.com%2F&t=5&a=0&art=0&atype=0&et=790&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.106 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 19 Dec 2022 16:26:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
server: nginx
log-code: 3
content-type: image/gif

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3540
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

23ms
23ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f55adf513d69a3adfa6d9faacf8be18cc918a103a1da9a19cfba112784d78ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Dec 2022 16:26:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3540 29 B
588 B 176ms
15ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:13:52 GMT
x-content-type-options: nosniff
age: 755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 19 Dec 2022 16:28:52 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3540 66 KB
30 KB 67ms
35ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ebdc9a5695003e64631aaac60c195967ad1bc1f2b9e2ccc0a382582b59cb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31144
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 3540 0
19 B 23ms
22ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=bN306DQOvtapnzIT&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24292955%2C24406621%2C24415864&cl=495406532&seq=1&event=streamingstats&docid=SLQNzCt1JzQ&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20221214.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:1;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
X-YouTube-Client-Version: 1.20221214.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtULUh1OXlJVkwyQSizoYKdBg%3D%3D
X-YouTube-Ad-Signals: dt=1671467187748&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C360&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:27 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/ Frame 3540 26 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

022f474afc5749850b98dd19ed71a3ef48a8ac19a0bed7dff972fd611d6b23fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 05:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8313
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 01:14:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Dec 2023 05:12:31 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 157ms
23ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 19 Dec 2022 16:26:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 7AD7 9 KB
5 KB 112ms
30ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=280&adk=3539277281&adf=4047435374&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1671467187&rafmt=1&to=qs&pwprc=5211295787&format=1200x280&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467186651&bpp=2&bdt=676&idt=395&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QQ260qtLVo&p=https%3A//dr-venture.com&dtd=398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:19:26 GMT

GET
H2 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame 7AD7 10 KB
4 KB 113ms
31ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 14:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 14:10:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7AD7 8 KB
895 B 116ms
52ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 14:30:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7AD7 2 KB
765 B 53ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 7AD7 23 KB
10 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7AD7 3 KB
1 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7AD7 18 KB
7 KB 57ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7AD7 153 KB
47 KB 167ms
73ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 7AD7 34 KB
14 KB 95ms
30ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 12:26:41 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3540 90 B
134 B 27ms
26ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d77845fffdfcc5ad279366520e7f994a6ef105ff738d8d2be931c202523b3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 27ms
27ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 19 Dec 2022 16:26:28 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7AD7 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP9C4s5CgY4GHBoOC2fcPkfyz-A3bk6GCbvqSxtfBD9Ggm-iODhABIIqB_ytglcKmgrAHoAHvnf_bKMgBAakCd-czwSogez6oAwHIA8sEqgTRAU_QtN3keXobjEITnHBglNC7Aq_Offmt5gCmgrZqDcFANA3yKjqFYklHAGyfH6hg3J_La8aF6GhS_wM9npTkTQ0XUGuTAdLB3dKZ5ajJoJLOW5LxJy0ruosZmZX3N53EJ6RknPIf7yqUMdNsUg9dgBdCndoBn7NQVzSGkDWp7tiAmV4YEm8OC35CM1oa-_fQ8OgpL7UiETTetDBmhtWJ1On4GCX4YgFIyMudBs867zpTV6I3SHeATtmwLwNhjg5Ao0bb0U-E_gFfSfeuor5vQ6KvwASet7zFjwSSBQQIBBgBkgUECAUYBIAHlpT3uwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC-7CnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBNAVAYAXAbIXHAoaCAASFHB1Yi05MTQ2MDMwNzA5MjEwMTQ5GAA&sigh=3qq9l2OIbUo&uach_m=[UACH]&cid=CAQSGwDq26N90vnxn65wLp0JwYy0WFlV5VcFag4glxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=280&adk=3539277281&adf=4047435374&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1671467187&rafmt=1&to=qs&pwprc=5211295787&format=1200x280&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467186651&bpp=2&bdt=676&idt=395&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QQ260qtLVo&p=https%3A//dr-venture.com&dtd=398
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 16:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 24E1 143 B
166 B 19ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=280&adk=3539277281&adf=4047435374&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1671467187&rafmt=1&to=qs&pwprc=5211295787&format=1200x280&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467186651&bpp=2&bdt=676&idt=395&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QQ260qtLVo&p=https%3A//dr-venture.com&dtd=398
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 15:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7AD7 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1850a40fbb0e52b2de821792ddc4ddeb9dedcf0cc66d5c8401592b637fcd559b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 24E1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:28 GMT
expires: Mon, 19 Dec 2022 16:26:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7AD7 28 KB
28 KB 30ms
30ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:38:02 GMT
x-content-type-options: nosniff
age: 416906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:38:02 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 151 KB
51 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/reactive_library_fy2021.js?bust=31071250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49e62b72e459e2dae90ea8389ecc1873a51c205c791aa422d43f58130c0c8191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52378
x-xss-protection: 0
server: cafe
etag: 10964719889708965486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
23ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dr-venture.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 110ms
50ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dr-venture.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1184 34 KB
13 KB 678ms
677ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=2059675521&adf=1340942327&pi=t.aa~a.2191923801~rp.4&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0glqHDoQw&p=https%3A//dr-venture.com&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a23d9860ea4d30755d87282807a059602cf072b1d0a8d334076689aa8fa2d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 13178
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7E16 134 KB
44 KB 1044ms
1043ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=592268767&adf=783291480&pi=t.aa~a.2723371507~rp.1&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kYVASgQe4w&p=https%3A//dr-venture.com&dtd=23

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d90660626f67e1509d3a88c930a94d9ad00375ae7b1df202adb9a95504cdee5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJenlMCMhvwCFaMprQYd56cDkg&gqi=tJCgY82PFYiw1gbH9YfYDQ&layout=/sadbundle/%24csp%253Der3%24/9590821348355910724/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 44946
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJenlMCMhvwCFaMprQYd56cDkg&gqi=tJCgY82PFYiw1gbH9YfYDQ&layout=/sadbundle/%24csp%253Der3%24/9590821348355910724/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 15:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2144
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 19 Dec 2022 17:50:44 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame FA1C 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 14:57:15 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 5C13 10 KB
4 KB 15ms
15ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Sun, 01 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame DF35 10 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Sun, 01 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame AC6C 10 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Sun, 01 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame E10D 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Sun, 01 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 source.m.js Show response
s.vi-serve.com/ 184 KB
44 KB 398ms
96ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/source.m.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/tagLoader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: f756fcd9c73ee679d4d461d075af97937712945000ca336d1b4fe4c1a5a6ed7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycducEsw9HAMfTz6TFsyxcWCdvxID2oh3Kq37CHHlqoIB6dpjEYuyDBFXB55lVBoEndOUlZZVygAuUBm4g19eePjaYWjaFkHN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44819
x-sp-metadata: HS256.CMS9gp0GEocBCiQ2MTViZGM4MC02Y2JhLTQ0OTgtODkwOC1jMjljNTc1NDBiYzcQ8L6g2bHx+QIaBgi0oYKdBiIMMzcuNTguNTguMjQzKNCWAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNzlmOTZmODYtM2RkNS00MzhmLThkNGQtNzQ0MDAxZDU3ODlkGJPeAiIYCAISFGNkczE0MS5mcjguaHdjZG4ubmV0.59HBQ0v7Mnd9F4/s/O0zDnylZ2hPG5kwAdJUpz/0iEM=
last-modified: Tue, 15 Nov 2022 11:25:51 GMT
server: UploadServer
etag: "d8dc50826782b620b4d67ccad8c63d29"
access-control-max-age: 86400
x-goog-generation: 1668511551925045
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=SK3kog==, md5=2NxQgmeCtiC01nzK2MY9KQ==
cache-control: private, max-age=0, max-age=300, must-revalidate
x-hw: 1671467188.dop097.fr8.t,1671467188.cds161.fr8.hn,1671467188.cds141.fr8.c
x-goog-stored-content-length: 188600
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 css2
fonts.googleapis.com/ Frame 5C13 4 KB
636 B 55ms
55ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 16:06:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5C13 205 B
229 B 30ms
30ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:17:29 GMT
x-content-type-options: nosniff
age: 539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Dec 2023 16:17:29 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5C13 604 B
628 B 32ms
31ms Image
image/png 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:22:32 GMT
x-content-type-options: nosniff
age: 236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Dec 2023 16:22:32 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 5C13 19 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 01:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52712
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 01:47:56 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame DF35 9 KB
4 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:19:26 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame DF35 10 KB
4 KB 32ms
31ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 14:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 14:10:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF35 8 KB
895 B 55ms
55ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 16:26:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DF35 2 KB
765 B 16ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame DF35 23 KB
9 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DF35 3 KB
1 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DF35 18 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF35 153 KB
47 KB 266ms
203ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame DF35 34 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 12:26:41 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame AC6C 9 KB
4 KB 32ms
32ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:19:26 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame AC6C 10 KB
4 KB 33ms
32ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 14:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 14:10:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AC6C 8 KB
895 B 55ms
55ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 14:29:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AC6C 2 KB
765 B 34ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame AC6C 23 KB
9 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AC6C 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AC6C 18 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC6C 153 KB
47 KB 166ms
107ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame AC6C 34 KB
14 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 12:26:41 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame E10D 9 KB
4 KB 32ms
32ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 01:19:26 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame E10D 10 KB
4 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 14:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 14:10:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E10D 8 KB
895 B 54ms
53ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:28:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E10D 2 KB
765 B 29ms
27ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E10D 23 KB
9 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E10D 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E10D 18 KB
7 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E10D 153 KB
47 KB 267ms
214ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame E10D 34 KB
14 KB 51ms
50ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 12:26:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 64ms
23ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=541984571&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu2kir9.vgsjlv%2F&dr=https%3A%2F%2Fdr-venture.com%2F&ul=en-us&de=UTF-8&dt=Home%20%C2%B7%20Dr.%20Venture&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACgBIC~&jid=1243519519&gjid=876515718&cid=1364103228.1671467187&tid=UA-44331619-1&_gid=933776991.1671467188&_r=1&_slc=1&z=240010233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dr-venture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dr-venture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
15ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=541984571&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu2kir9.vgsjlv%2F&dr=https%3A%2F%2Fdr-venture.com%2F&ul=en-us&de=UTF-8&dt=Home%20%C2%B7%20Dr.%20Venture&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Embed&ea=View&el=vgsjlv&_u=YAhAAEABAAAAACgBIC~&jid=&gjid=&cid=1364103228.1671467187&tid=UA-44331619-1&_gid=933776991.1671467188&z=1708813905

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 08:43:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27759
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 902C 8 KB
895 B 54ms
54ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 15:47:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 902C 2 KB
765 B 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 902C 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 902C 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 902C 18 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 902C 153 KB
47 KB 163ms
162ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:28 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 902C 34 KB
14 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 12:26:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 96E2 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 15:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4963 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 15:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E10D 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQwWhs5CgY7a7CrTdtOUPhvmskAqtpa6CbvCOofixEJ_ipZaPDhABIIqB_ytglcKmgrAHoAHvnf_bKMgBAakCd-czwSogez6oAwHIA8sEqgTLAU_QNzHSHd3da7A4Kf_rF3Tsb44SG1PKIfX5m3KpqsPohFftGn258QhVEd5THU1PnZxB4DZqshm5RghDx4ghp9hAwy7tkTi9O8f_Kq1qssCoZjZAUa73Hs-TzPB30cXgz9PfXz-PMviFDfjEnlcfgQGHEME_0Clu8TyFU1QVDU9xRT5ymObBkC3_rEXnVY6-KosN3cM2ugXcbIDbSUC1Fi8X0aBm93EkuAhTOxASRQOdGy81FyoEJ36LrjmbMnI6Cr-EVGUupAK6D1lCwAS5yfThhwSSBQQIBBgBkgUECAUYBIAH_cfPuwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCViwvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUBdAVAYAXAbIXHAoaCAASFHB1Yi05MTQ2MDMwNzA5MjEwMTQ5GAA&sigh=-_SUqubobDk&uach_m=[UACH]&cid=CAQSGwDq26N95uoBGPnKmcylW2AREmfL_2um56iwPRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 16:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B5B 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 15:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E10D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e2ec7f12773fe6dd5e9fbede42ada504c194385e62043d4237cbd9f5a93d920

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 59ms
19ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-44331619-1&cid=1364103228.1671467187&jid=1243519519&gjid=876515718&_gid=933776991.1671467188&_u=YAhAAEAAAAAAACgBIC~&z=1707308855

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dr-venture.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Dec 2022 16:26:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dr-venture.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 032A 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 15:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 96E2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

1497ms
1497ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:31 GMT
expires: Mon, 19 Dec 2022 16:26:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4963
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

1473ms
1473ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:31 GMT
expires: Mon, 19 Dec 2022 16:26:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B5B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

1493ms
1492ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:32 GMT
expires: Mon, 19 Dec 2022 16:26:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-44331619-1&cid=1364103228.1671467187&jid=1243519519&_u=YAhAAEAAAAAAACgBIC~&z=1933603909

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 144ms
64ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-44331619-1&cid=1364103228.1671467187&jid=1243519519&_u=YAhAAEAAAAAAACgBIC~&z=1933603909

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 032A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

1503ms
1503ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:32 GMT
expires: Mon, 19 Dec 2022 16:26:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 406321312659913.js Show response
s.vi-serve.com/publishers/ 0
391 B 437ms
137ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/publishers/406321312659913.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
x-sp-metadata: HS256.CMW9gp0GEocBCiQyYWIxZTE1NS05OGJkLTQ3MDQtYjM1OS0yMGJhYTNmMmZmNjYQ8L6g2bHx+QIaBgi1oYKdBiIMMzcuNTguNTguMjQzKNCWAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGikSJGE5YTY1MmJlLTY5MzQtNGIzNy05ZDY5LWQyM2Y1MTVlNDNkNhjVASIaCAISFGNkczE0OS5mcjguaHdjZG4ubmV0GAk=.sEZ9h9awvKr1dQk2fHcki+3QI5HOPeJKg7ZfhjtFgzI=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-hw: 1671467189.dop097.fr8.t,1671467189.cds161.fr8.hn,1671467189.cds149.fr8.p
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 26B7 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSFrBtJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTEAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnjK-_svbMyfKxkDpxS-c4exYsFqu8szSuZgvgyq0KYctXEuxIHY6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkxNDYwMzA3MDkyMTAxNDkYAA&sigh=RzHUpDaRROg&uach_m=[UACH]&cid=CAQSOwDq26N999mDA6k6kk1Izi06OkEEhnOoo_FjP2JletRui3vJJ61i9Z2tjwbm7oblD4rtjwyi6H2EQH5EGAEgEw

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=2059675521&adf=1340942327&pi=t.aa~a.2191923801~rp.4&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0glqHDoQw&p=https%3A//dr-venture.com&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 16:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 26B7 0
0 67ms
23ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kk5baqwdt66nd87y7pmkz053jwxejyyz45pm0bdtn0f0rzw9k7mh55f73ra23a17t0tbjv2jv88kyrm6dpqs2nhry396v22vf12h3twy21tccgd42damth5f55dmq8d84909nas6y0s9zdjwy75ma4bj162vawfgv1ntjbbr9txhbwx34syq7gecwm3j970kkekdsn77cvg9ce8ga9f2fxv426xf18h846yx59arjz2vgxd62zwyexy41gr74a2xtzb24epnrff76dxvw4whc9v2j5zmxxz2zbdtded4cp5aznp3bnaab63ekx03gsdmb8w3pmrn3djnz4xkhprs52ty4q5tmjyffn06xbp8zeqx06041f06ch7jn5r3a71f26gqa0f0c&b=Y6CQtAAGadUKfQdlAADjYClQId-9zn3tT3gZ_Q
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 16:26:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 5BB3 2 KB
2 KB 67ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ks3t3rfxemfz7n64y8gd6cr661rdae45n5ff7neqkzpprtcsnry3zk0rnp8e5t9swnc1v90qnz7fqxpeccc7ysmn2bnwp46ywatndcd87szee2vt4m42awn1w0vbvrkejexye6t075gcvasgprj523ss5a2mkhr7c2ghwax0dbyztc1nn6z8r9z1xhf32pwhs3gps19eg6knvp00f78qdxzj0ph54e2wb0qvq5fg5adnhvzv9g899wyfte7tqevg255bfjj8y6pc3h0375cxm66yfpmsz88dw95rcfmdcjxqfdxbw0zm70fr0939q1bykfv5v5cwg4d67dt04ksn2ccj43pcmzsn60pg7csy2230qm3q2zcb62n2rnt0s83g1nn6rheba8whr5gt53k1115yxgv9vrvwkv4dw02tmm33dxcr2g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%26client%3Dca-pub-9146030709210149%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=2059675521&adf=1340942327&pi=t.aa~a.2191923801~rp.4&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0glqHDoQw&p=https%3A//dr-venture.com&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fb89bcb7ce1049b0403767264f46165f9d0b0a5681c38233d0c856a56acb90a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77c1800bae3c9247-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 26B7 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 55F4 1 KB
643 B 15ms
15ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Tue, 20 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 26B7 18 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26B7 153 KB
47 KB 82ms
81ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:29 GMT

GET
DATA 200
OK truncated
/ Frame 26B7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c46e610e7811a163f1c6531cd767fef1049596c420ef1b59b934200246a96589

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 55F4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDeT9absloOjIJCytTSLw3w&google_cver=1&google_push=AavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEF...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDeT9absloOjIJCytTSLw3w&google_cver=1&google_push=AavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOu...

43 B
420 B

210ms
195ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDeT9absloOjIJCytTSLw3w&google_cver=1&google_push=AavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77c1800d1a295c68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 428
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDeT9absloOjIJCytTSLw3w&google_cver=1&google_push=AavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NGpZvoxJFXyEAh1aM22Wdah5DXM-xjetuhcn-9TCyj04iEhZ5pptEq2Sc8fnw1VNm9ML_jm15ZnIPX-DEa3Bx8_qlDwOuEFA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 77c1800bdf515c68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55F4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBaHUqCzvNsYJZORggSG-Is&google_cver=1&google_push=AavPq0PaZms92TbWjaqjHYtXd5zaucVqEXR934novEuOKmYuriH056f2Y_hs1iTuZFgQbJEoc80kJqqdl1ymNyGhtMikj74w4qXge4o
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=93EF89FEC9FA4325B99FABC3F035BD0A&google_push=AavPq0PaZms92TbWjaqjHYtXd5zaucVqEXR934novEuOKmYuriH056f2Y_hs1iTuZFgQbJEoc80kJqqdl1ymNyG...

170 B
188 B

65ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=93EF89FEC9FA4325B99FABC3F035BD0A&google_push=AavPq0PaZms92TbWjaqjHYtXd5zaucVqEXR934novEuOKmYuriH056f2Y_hs1iTuZFgQbJEoc80kJqqdl1ymNyGhtMikj74w4qXge4o

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 19 Dec 2022 16:26:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=93EF89FEC9FA4325B99FABC3F035BD0A&google_push=AavPq0PaZms92TbWjaqjHYtXd5zaucVqEXR934novEuOKmYuriH056f2Y_hs1iTuZFgQbJEoc80kJqqdl1ymNyGhtMikj74w4qXge4o
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 18 Dec 2022 16:26:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55F4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC3hvUE58Ipr98rIYUFvP6Q&google_cver=1&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5txlEJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC3hvUE58Ipr98rIYUFvP6Q&google_cver=1&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5OTc3NTkwMTQzNTk5NDMzOQ&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5txl...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5OTc3NTkwMTQzNTk5NDMzOQ&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5txlEJHEU_GtM9LYiuuVnCT8XnSw

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU5OTc3NTkwMTQzNTk5NDMzOQ&google_push=AavPq0OHhWeA1N1RjPy4gtG7clG73Fwpqil6NdLTg9WX9nzaZdwFjT-yla_9aHa3y2CONGrdrY5txlEJHEU_GtM9LYiuuVnCT8XnSw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 55F4 43 B
352 B 58ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELBq3ToioZde9Ub6na0-tis&google_cver=1&google_push=AavPq0PiaCqKTfCGX1hzdz1-1xAAmBB-o-KiSHfdsar_Ia0L0JxMM85hYsHJT8FLkrryx9Yzu6vn7gQtyGupQdOizBNIEnP8tApgrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=2059675521&adf=1340942327&pi=t.aa~a.2191923801~rp.4&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=-M&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280&nras=3&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1581&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=n0glqHDoQw&p=https%3A//dr-venture.com&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: mtrvhtjjt3jcbp8a5pnbtqqdu2q1q3hk

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 55F4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO6cRtREAu9dxzYFFY6SH8A&google_cver=1&google_push=AavPq0PP_hTOXMSY4maE4uM6po26yvTGtMP8vmqp5Fo2g8iB5oICy6lLNbH2FQbNClM6AdrtTxC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWMEVQOU8tMTQtRUhYWA==&google_push=AavPq0PP_hTOXMSY4maE4uM6po26yvTGtMP8vmqp5Fo2g8iB5oICy6lLNbH2FQbNClM6AdrtTxC2UV8GvhRCQ6ufp1LnIBZltYbZ7Q

170 B
329 B

27ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWMEVQOU8tMTQtRUhYWA==&google_push=AavPq0PP_hTOXMSY4maE4uM6po26yvTGtMP8vmqp5Fo2g8iB5oICy6lLNbH2FQbNClM6AdrtTxC2UV8GvhRCQ6ufp1LnIBZltYbZ7Q

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJWMEVQOU8tMTQtRUhYWA==&google_push=AavPq0PP_hTOXMSY4maE4uM6po26yvTGtMP8vmqp5Fo2g8iB5oICy6lLNbH2FQbNClM6AdrtTxC2UV8GvhRCQ6ufp1LnIBZltYbZ7Q
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55F4
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELhO2NbZweleKZOT9OnxRFc&google_cver=1&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmt...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELhO2NbZweleKZOT9OnxRFc&google_cver=1&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmt...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmtM6nLpZMOTxNYFI&google_hm=F186qGZHzNsa4Lq_TWe...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmtM6nLpZMOTxNYFI&google_hm=F186qGZHzNsa4Lq_TWeIn06k

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 19 Dec 2022 16:26:29 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MOPgXIutB8fAJAYfhdTapV6l0Pfwb2rGspDv4LP324SgDuAgJzSzQvAgHoWSBPaTqoL87nubFTT-EMOeWmtM6nLpZMOTxNYFI&google_hm=F186qGZHzNsa4Lq_TWeIn06k
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55F4
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHTLk50yLY5H7kErNRtIZRM&google_cver=1&google_push=AavPq0OABgVToXFSg89_-Uf6AozXkn5Sio7iuomwfXoBY4rIcbY-IVXdZbzNhiHk15Qxho3s6akwuVFBvJjM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OABgVToXFSg89_-Uf6AozXkn5Sio7iuomwfXoBY4rIcbY-IVXdZbzNhiHk15Qxho3s6akwuVFBvJjMEvj2MhICXnKgMAWADg

170 B
188 B

54ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OABgVToXFSg89_-Uf6AozXkn5Sio7iuomwfXoBY4rIcbY-IVXdZbzNhiHk15Qxho3s6akwuVFBvJjMEvj2MhICXnKgMAWADg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OABgVToXFSg89_-Uf6AozXkn5Sio7iuomwfXoBY4rIcbY-IVXdZbzNhiHk15Qxho3s6akwuVFBvJjMEvj2MhICXnKgMAWADg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 55F4 0
223 B 74ms
22ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6dwemPI50aeg7lUTRsaNVIC6NmOpA7fAqv1pjDem7g_kAbYbr4Ri3K5tZdX7u8plPQOoR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 5BB3 89 KB
12 KB 41ms
29ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ks3t3rfxemfz7n64y8gd6cr661rdae45n5ff7neqkzpprtcsnry3zk0rnp8e5t9swnc1v90qnz7fqxpeccc7ysmn2bnwp46ywatndcd87szee2vt4m42awn1w0vbvrkejexye6t075gcvasgprj523ss5a2mkhr7c2ghwax0dbyztc1nn6z8r9z1xhf32pwhs3gps19eg6knvp00f78qdxzj0ph54e2wb0qvq5fg5adnhvzv9g899wyfte7tqevg255bfjj8y6pc3h0375cxm66yfpmsz88dw95rcfmdcjxqfdxbw0zm70fr0939q1bykfv5v5cwg4d67dt04ksn2ccj43pcmzsn60pg7csy2230qm3q2zcb62n2rnt0s83g1nn6rheba8whr5gt53k1115yxgv9vrvwkv4dw02tmm33dxcr2g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%26client%3Dca-pub-9146030709210149%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ks3t3rfxemfz7n64y8gd6cr661rdae45n5ff7neqkzpprtcsnry3zk0rnp8e5t9swnc1v90qnz7fqxpeccc7ysmn2bnwp46ywatndcd87szee2vt4m42awn1w0vbvrkejexye6t075gcvasgprj523ss5a2mkhr7c2ghwax0dbyztc1nn6z8r9z1xhf32pwhs3gps19eg6knvp00f78qdxzj0ph54e2wb0qvq5fg5adnhvzv9g899wyfte7tqevg255bfjj8y6pc3h0375cxm66yfpmsz88dw95rcfmdcjxqfdxbw0zm70fr0939q1bykfv5v5cwg4d67dt04ksn2ccj43pcmzsn60pg7csy2230qm3q2zcb62n2rnt0s83g1nn6rheba8whr5gt53k1115yxgv9vrvwkv4dw02tmm33dxcr2g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%26client%3Dca-pub-9146030709210149%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 531555
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPm8oKUK1x2kQ79GRbAiKNq%2Fbm7ebSrv8QWO74wvowFiRbvg4te5cdGLkAT8VP1qTnL6Jknum%2BboTvTg5DtcJ5zc92O1KnEq9o6T%2Bu1lc2bPQjXDLwkxKsKBxZy8DaaGdDJ6Ho6eqAk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77c1800c09248fd6-FRA
expires: Mon, 19 Dec 2022 17:26:29 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5BB3 35 KB
12 KB 44ms
32ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ks3t3rfxemfz7n64y8gd6cr661rdae45n5ff7neqkzpprtcsnry3zk0rnp8e5t9swnc1v90qnz7fqxpeccc7ysmn2bnwp46ywatndcd87szee2vt4m42awn1w0vbvrkejexye6t075gcvasgprj523ss5a2mkhr7c2ghwax0dbyztc1nn6z8r9z1xhf32pwhs3gps19eg6knvp00f78qdxzj0ph54e2wb0qvq5fg5adnhvzv9g899wyfte7tqevg255bfjj8y6pc3h0375cxm66yfpmsz88dw95rcfmdcjxqfdxbw0zm70fr0939q1bykfv5v5cwg4d67dt04ksn2ccj43pcmzsn60pg7csy2230qm3q2zcb62n2rnt0s83g1nn6rheba8whr5gt53k1115yxgv9vrvwkv4dw02tmm33dxcr2g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%26client%3Dca-pub-9146030709210149%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 554890
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Itri%2FfD3N7LpI6gAH%2BqO1iRNTsr4ZF1LCIMjy734nSbmY%2Bu%2FUaooxPNcBCK1VX2dkF5iN%2FRLn%2FHf5D5bjYchhVA50Ey20%2F5p0%2FXIH7GU1K6FP3NQM0Q9F%2FDvSwSm6yGGnpsX4g0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77c1800c0f159247-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5BB3 3 KB
4 KB 89ms
44ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28371471
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df%2FMSRn9BQPBF3qFxaXz5LD3mLxvxPop9m%2FUpuSJ7fXc9akmgTw366lgeL9jszNuQnAs0fMyUXgS0K%2BieuUA%2FoWDFcfk1kQtq8v3khXgZXAi8bB6kKmdezVAdr6bNruY%2FLkZJOVSTuRNeFkks3HUL43c"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77c1800c9e8069a3-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame C80C 2 KB
1 KB 22ms
21ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1974075
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77c1800c49a98fd6-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 16:26:29 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KOPs4H%2F4BA1b1VwKRKZFkG6XGBaQqC8Du%2F6%2FqriMZ4Scy2STIkB%2BKE%2BvDE1D2eDVTO6ZcwehvOH39o2o5i3ZxVn7UEsFcZ40VtCwYUVRpKj6Vx5KC0exlwOadImq%2BSxwAp%2FDU0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 5BB3 1 KB
2 KB 50ms
49ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 715e69ff474b5899408d3daf2b7aaa381caa312242f20014ffdfcb893b89b83b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueoOq%2BQ%2FKzq8jvjCruDsvocG6%2Bo1KjVWdaqk89TQbgeuUcfqBJjhlO6pz9oLjrw5xs8we3QGB3h%2BdvLey%2BcAJMnf7xtCwAFoJALVqiOLV%2BzgMi9y76JBP7Ef97%2FM70YKlimsH2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77c1800d0af7bb65-FRA
x-backend-server: aa-reachservice-group-europe-west1-tbx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 89ms
75ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77c1800c99dfbb65-FRA
content-length: 24
content-type: text/plain
date: Mon, 19 Dec 2022 16:26:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWIBN6rwyFJYFMXGV9WMmcoSQVGJiGmwMGjNhoLGObanm2P3WUjIJjZ%2F2jNsmezHlu58hgts0aQ%2BAfHwqfXUYehs1YV0zmmFhte%2F68LawUXuhs5Ugubp5zdiNyH%2BqfJWWHIALMw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

GET
H2 204 406321312659913_dr-venture.com.js Show response
s.vi-serve.com/publishers/ 0
365 B 477ms
176ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vi-serve.com/publishers/406321312659913_dr-venture.com.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
x-sp-metadata: HS256.CMW9gp0GEocBCiRlODQ0ODgyYS1lNGU2LTQ2MjUtYTNkNy0wNzVjMGI4MzcxOTIQ8L6g2bHx+QIaBgi1oYKdBiIMMzcuNTguNTguMjQzKNCWAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGikSJGEwNTAxYzExLTA1YWQtNDUyYi1iYTI2LWQyNDQ3YThiMzhkYhjkASIaCAISFGNkczA1MS5mcjguaHdjZG4ubmV0GAk=.iiFeaJBDaeQIiIpbjognwpAn3ElX2C+7opSov2rQBH8=
access-control-max-age: 86400
access-control-allow-methods: GET,POST
x-hw: 1671467189.dop097.fr8.t,1671467189.cds161.fr8.hn,1671467189.cds051.fr8.p
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=300, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26B7 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=bdt.2333,req.19,bpp.1,fb.718,e2e.946,fs.-1671467188308,reqs.-1671467188308,ress.-1671467188308,rese.716&e=&id=csi_pagead&gqid=tJCgY-nlFMbSxwL3vZa4AQ&qqid=CNX9k8CMhvwCFWUHfQodYOMAiQ&rt=lb.117,ol.228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5A09 9 KB
4 KB 38ms
38ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

447abe420c9c6389df137a77e34ace3afcb8d0dc047be85df62242f51cd68c62

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ks3t3rfxemfz7n64y8gd6cr661rdae45n5ff7neqkzpprtcsnry3zk0rnp8e5t9swnc1v90qnz7fqxpeccc7ysmn2bnwp46ywatndcd87szee2vt4m42awn1w0vbvrkejexye6t075gcvasgprj523ss5a2mkhr7c2ghwax0dbyztc1nn6z8r9z1xhf32pwhs3gps19eg6knvp00f78qdxzj0ph54e2wb0qvq5fg5adnhvzv9g899wyfte7tqevg255bfjj8y6pc3h0375cxm66yfpmsz88dw95rcfmdcjxqfdxbw0zm70fr0939q1bykfv5v5cwg4d67dt04ksn2ccj43pcmzsn60pg7csy2230qm3q2zcb62n2rnt0s83g1nn6rheba8whr5gt53k1115yxgv9vrvwkv4dw02tmm33dxcr2g0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%26client%3Dca-pub-9146030709210149%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77c1800d6c498fd6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:29 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7AD7 42 B
64 B 82ms
52ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmAMFpzvnNro2CIRL3k89yKnoN3ZwA_RhcYP7aaE_MZhDxOiXtsD6Lc_VLDvO6GiNmipHqOAYIB0-ZMlsX7WjQeJ_DdHOXcKb_BYoWNAuILNmktlekiQciFsR15qcZAJkzQW6p0A&sai=AMfl-YQLlKXEjXo8nsnNYc6mqWHk0AAnQamgRmTPJxjqdEwWMuOc9sjI_mk6Wcp8B00lE2Djxwj2o-iVbwWW8eg&sig=Cg0ArKJSzIg8XM3wN3vkEAE&cid=CAQSGwDq26N90vnxn65wLp0JwYy0WFlV5VcFag4glxgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3539277281&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671467187050&rpt=1304&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 5A09 89 KB
11 KB 38ms
37ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 531555
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNlM5Qx4rj8u%2FpAyEyouhxT9gz5R99FER7LxHElCT6FvgYff61HylkbNKgtqHdWI1vMmGwBIxQPxlzT7BZZwjVbzHi1VV08ZXYSy7Q%2Fxk%2FLB2aqfVrloxtfgbyaYowD9AsbzavnA1nY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77c1800dbcfc8fd6-FRA
expires: Mon, 19 Dec 2022 17:26:29 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 5A09 53 KB
54 KB 39ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2147378
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmhZ%2FmLRBqR6J4TOQU2lU0iOss1uW%2FvOrWlsCAyLc8GgLb6grDRZq045CJqwtG2xj6fdiDpALzVFwl%2F3UE4OJYd4HrBYvKtLS10tLL%2Bp%2BOSieemj%2BxE7El%2FBScVHjBKB1tJ8sj99K4Z1ElUd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c1800dcba19247-FRA
expires: Tue, 20 Dec 2022 16:26:29 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 5A09 11 KB
11 KB 30ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176343
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWW20i8nWx8RzoLw3UGtx7uei69zjW7mstacOAl%2Flf%2F557URSlGU83D%2FjPd0b81LmwvSaDlrsYVGBrON3QhpAd6%2BN36DAXHeIz8HFWjulH21nuDUdIsYheTKa%2FklFyvupz9%2Fl8pRp%2BgL2y7q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c1800debf79247-FRA
expires: Tue, 20 Dec 2022 16:26:29 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 5A09
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNnQ2MCMhvwCFYeZdwodIvcFeA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...

49 B
1 KB

109ms
25ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 16:26:29 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date: Mon, 19 Dec 2022 16:26:29 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 5A09 9 KB
9 KB 38ms
35ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2140567
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AE4nY%2B4KpZAB5hHPDVX1aS51r5t9ql2e0148hKP2yD86FXdRdpQgVRXyrPrS%2FuCenBRWmJLsTA40fwH9IrsA8pB5AjaXxpHVoeW7FGZy3kw1AJ%2Bvkr1xQU1hv5lFWyEITpi%2B3Rw7tpFMmKNj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c1800debfb9247-FRA
expires: Tue, 20 Dec 2022 16:26:29 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 5A09 20 KB
20 KB 24ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167038
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAQuqWAntdrMdrcmZPbQyfoc%2B5Ol4ORXnYTQPQsIuVS9jobdb4Jwkc%2BmwhkjUo7XBX76bN%2F765kASHWODql1jpZ%2FoH9JQ2Zt7n8MENYcctrz3iu%2FJCzR0iyzYEnmWG9rYet%2BtcjLZCRAdsde"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c1800dec029247-FRA
expires: Tue, 20 Dec 2022 16:26:29 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 5A09
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=COTX2MCMhvwCFRnFdwod18EBng;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121917262979653849765X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

64ms
16ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121917262979653849765X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 16:26:29 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022121917262979653849765X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Mon, 19 Dec 2022 16:26:29 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 5A09 16 KB
16 KB 38ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1699502
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dmwTEy%2BLOS5enEh%2B%2FDFJwVQqewmrk8z0DizzwzBmx5w8dtPUHFxUIN%2FcqgZof9vOc8pZTxxYZIScaPxi9QYktxpmc%2BUHXy%2BUGcuIgS9TagOdlR%2FFw5UybQ2js2nbG65CN7%2FfT8qLpGLv47V"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c1800dec059247-FRA
expires: Tue, 20 Dec 2022 16:26:29 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 5A09 222 KB
222 KB 44ms
42ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1503133
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98Ykct73RA6wlvGoRIov4yPpzPuhyJA4u6mxqupyhip4sQ02XTZXzR001u4OgxXjl%2BQYxv9w7BfyKPEWdqzRQ5PFSH%2FlEt8FYEBVV0x0gmek4MHRCC6Ex%2BgL8DSpy411T8wml7QW7gC5afoO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c1800dec0a9247-FRA
expires: Tue, 20 Dec 2022 16:26:29 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 5A09
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1671467189_e45c6091-7fb9-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

0
639 B

90ms
57ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1671467189_e45c6091-7fb9-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=4f3147684c3cd72a03d40e4fae134b80%2F4670907623338594575&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671467189312&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h4jzmgp25p9tyw9t8sqvnfwtf4qdz2jvr2gv7wajj6fv3gehmn67gksbwt4dazqza1nwxaxkas0a92qv2hdnzaeqj63mm5gj1mth2av5ww198wea2p71e7d2rbfb7nk9jjry5hckghfyxgt0dy4wa0gda4cr4jxghe7gqmyf8nz4z382da818wmkbsqsatdhzenrnrzfkd1vzec937fy927aywp4kgmpc51dap9jygy095jx7cf8n0mh10w32xfytc6exy1913h5wmesyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCNzJ2tJCgY9XTGeWO9APgxoPICJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTkxNDYwMzA3MDkyMTAxNDnIAQmpAs4bsBDdwrE-qAMBqgTHAU_QeXnVW_qWKRapQ4CeDbayOnq_zMWlHjQ_bvKMEOobRtpYGJOBIapZNWRcHXgFUVJcIlisrpJIzPa47b_WVl_96tDSnu4QOmlbEAT9FWaz4MZwepkm2aRtQKZQFu0T6Q5tGuWAk9B8OuueYvcCOkwNLeAf3ddDkGGXAX0GDTDO82IsrkCe4FDKexWP6ROFdzepYlquZN5HCTkmGBqnzq2eICE1TrJ5F3Lnka6qiS84HAa2nSxz5smpWFWef-dPxzDXXUZ1eJ6ABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2htX5Yi0sPnkCVwkvBibzcwYXTfg%2526client%253Dca-pub-9146030709210149%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
via: 1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 1002541057
cache-control: no-cache
cf-ray: 77c1800f0d659b49-FRA
expires: -1

Redirect headers

Date: Mon, 19 Dec 2022 16:26:29 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1671467189_e45c6091-7fb9-11ed-9792-223985e9a9b7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/ Frame 26AE 19 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0714a54d371fbcbda2fc9d7ac150d14d188f37de5da47cc9f101482af15cf97

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3739
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 09:01:31 GMT
expires: Tue, 19 Dec 2023 09:01:31 GMT
last-modified: Thu, 06 Oct 2022 16:00:50 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1094 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COBMAtJCgY5f9GaPTtOUP58-OkAmDg_Kbbc-c6de1ELCQHxABIIqB_ytglcKmgrAHoAGtjcLBAsgBCakCDqtjOsnLsT6oAwHIA0iqBNMBT9BqwMrEIDtPQbt1qWGNRFfcGy1TZ-URC3JY7PHISt57CrN-bI8kbnQFTckjDBOzy_nphczoMiwawyr5A6Du_IeyeeB0DRF6rlQPR6qOJ3AgZKt1TreWot1vkqXjzcA89kkjAOPo5vsimcb-PzkKjAH7MK3cz74yHx0h7YMJMfHIGsCIa_UIuX1BWhwfNwl1CsWYR1AHhkIDPpfqShmvcr3W9JITHeI0SKHemmdxvepfSTIBV8ejpxAcOLuC9BxeSp4dkR-j63uaJC3RcJiBYuaSz8AEpsnIwYwEkgUECAQYAZIFBAgFGASgBi6AB-nZjWqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCb4hbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi05MTQ2MDMwNzA5MjEwMTQ5GAA&sigh=NeYRo7We_Xs&uach_m=[UACH]&cid=CAQSOwDq26N9Jipq0A5QIJiyZ4NfHfo4EnadcuHs4yPafEprxWoDFV9Z8vfgSUAGrYH0I9ID0Mw2qDy3ohD1GAEgEw&template_id=419

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=592268767&adf=783291480&pi=t.aa~a.2723371507~rp.1&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kYVASgQe4w&p=https%3A//dr-venture.com&dtd=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 16:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1094 23 KB
9 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=592268767&adf=783291480&pi=t.aa~a.2723371507~rp.1&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kYVASgQe4w&p=https%3A//dr-venture.com&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1094 3 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 15:27:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1094 18 KB
7 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 14:02:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1094 0
0 24ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTJR0SVO9Ljl28UPH54j9LmiBt225ZQ_SVjUqZZo5CvpZH0ABnaJklFAKyJxmVFoiSH7CI0EcgjUcKNGka919zk5mw9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=592268767&adf=783291480&pi=t.aa~a.2723371507~rp.1&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kYVASgQe4w&p=https%3A//dr-venture.com&dtd=23
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1094 153 KB
47 KB 100ms
98ms Script
text/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:29 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 26AE 6 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2568
x-xss-protection: 0
server: cafe
etag: 6734328975651772599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 20 Dec 2022 13:12:21 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 26AE 34 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:53:06 GMT

GET
H3 200 f8aa84c012b77f9cb59171798f306970.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/ Frame 26AE 91 KB
26 KB 15ms
15ms Script
application/x-javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/f8aa84c012b77f9cb59171798f306970.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b5a7cced9aeeeae64a8ce241d2cec7dbcb0b0940a6f7fcf4eb16a2e48248069

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 09:01:31 GMT
age: 26698
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26886
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 09:01:31 GMT

GET
DATA 200
OK truncated
/ Frame 1094 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cf36db60052cb77ccd69f0ab3694ca342a314f6c19225d2966c03f47eca2553

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 1094 0
20 B 54ms
54ms Other
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJenlMCMhvwCFaMprQYd56cDkg&gqi=tJCgY82PFYiw1gbH9YfYDQ&layout=/sadbundle/%24csp%253Der3%24/9590821348355910724/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 roboto_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/fonts/ Frame 26AE 133 KB
70 KB 47ms
15ms Font
font/ttf 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/fonts/roboto_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/f8aa84c012b77f9cb59171798f306970.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 09:03:31 GMT
age: 26578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71583
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 09:03:31 GMT

GET
H3 200 fa53a9d5d5a1d83ac473502384574afe.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/media/ Frame 26AE 10 KB
5 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/media/fa53a9d5d5a1d83ac473502384574afe.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc5884e70a6ab8328de150020fb2b697bb276a3c7f4fb7d99d53522da28bbe5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 09:03:31 GMT
age: 26578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4657
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 09:03:31 GMT

GET
H3 200 fa53a9d5d5a1d83ac473502384574afe.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/media/ Frame 26AE 10 KB
5 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/media/fa53a9d5d5a1d83ac473502384574afe.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9590821348355910724/f8aa84c012b77f9cb59171798f306970.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc5884e70a6ab8328de150020fb2b697bb276a3c7f4fb7d99d53522da28bbe5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 09:03:31 GMT
age: 26578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4657
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 16:00:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Dec 2023 09:03:31 GMT

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 26AE 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 14:57:15 GMT

GET
H2 204 /
t.vi-serve.com/ 0
49 B 93ms
28ms Image
text/plain 108.128.89.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=PLACEMENT&page_url=https%3A%2F%2Fdr-venture.com%2F&pub_id=406321312659913&channel_id=5a2915c828a0612027240b86&placement_id=plt2Nm1i5XpAKdoiI9s&ad_unit_type=2&session_id=t9k8j339tm6v&focus=true&player=playerVI&build=m&pageLanguage=en-us&placement_w=1120&placement_h=0&time_delta=4503&position_on_page=74&playlist_pos=1&mobile=false&floating=false&in_view=false&cb=b717
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.89.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-89-252.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
server: fasthttp

GET
H2 204 log
pixel.inforsea.com/server/ 0
49 B 132ms
30ms Image
text/plain 52.49.220.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.inforsea.com/server/log?event=p&dim1=4503&session_id=t9k8j339tm6v&env=w&affiliate_id=5a2915c828a0612027240b86&domainapp=dr-venture.com&width=1120&height=630&visible=0&publisher_id=406321312659913&cb=33ca
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.220.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-220-212.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
server: fasthttp

GET
H/1.1 200
OK player.m.js Show response
player.inforsea.com/ 128 KB
41 KB 89ms
8ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.inforsea.com/player.m.js
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: 8c0c45bcb1183a4df28e414510fb1a84da4f4dcb318bd990f22c436b1cc82897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 16:26:29 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdvulUYN_PsfifLbJtTQLR_dV8EanIZRTDXNFCXxOBg-ItHZ3wmDhdLsRL724nF4x2_hQLsY6jSeG4Tqts71PCKkqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: Keep-Alive
Content-Length: 40848
Last-Modified: Thu, 08 Dec 2022 15:02:04 GMT
Server: UploadServer
ETag: "678244795ccbde50224d17a660637651"
x-goog-generation: 1670511724198612
Content-Type: application/javascript
x-goog-hash: crc32c=PtkTvQ==, md5=Z4JEeVzL3lAiTRemYGN2UQ==
Cache-Control: private, max-age=0
X-HW: 1671467189.dop227.fr8.t,1671467189.cds143.fr8.shn,1671467189.cds143.fr8.c
x-goog-stored-content-length: 130637
Accept-Ranges: bytes

GET
H2 200 v2 Show response
vis.vi-serve.com/playlist/ 4 KB
4 KB 355ms
254ms XHR
application/json 54.217.203.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vis.vi-serve.com/playlist/v2?url=https%3A%2F%2Fdr-venture.com%2F&session_id=t9k8j339tm6v&category=IAB1&publisherId=406321312659913&language=en-us&useAllCategories=false&useOnlyCategories=false&pageTitle=Dr.%20Venture%20Website%20Making%20searching%20My%20Videos%20easy!&pageDescription=Dr.%20venture%20Facebook-f%20Facebook-f%20Youtube%20Twitter%20Shopping-cart%20Amazon%20Welcome%20to%20the%20Office%20of%20Dr.%20Venture%20where%20you%20can%20learn%20the%20Tricks%20of%20the%20Trade%20%F0%9F%98%89%20Donations&pageLanguage=en-US&mobile=false&playlistLength=5
Requested by: Host: s.vi-serve.com
URL: https://s.vi-serve.com/source.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.203.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-203-96.eu-west-1.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 7e426bb18ce8efec13ca747d493e86c3e4931698d3a00e500136285f2eb50dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 16:26:30 GMT
server: Kestrel
content-length: 3707
content-type: application/json; charset=utf-8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3540 28 B
54 B 29ms
29ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/34f9b71c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1671467189966
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/SLQNzCt1JzQ?controls=0&rel=0&playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fdr-venture.com&widgetid=1
X-YouTube-Client-Version: 1.20221214.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtULUh1OXlJVkwyQSizoYKdBg%3D%3D
X-YouTube-Ad-Signals: dt=1671467187641&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 19 Dec 2022 16:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 19 Dec 2022 16:26:29 GMT

GET
H2 204 /
t.vi-serve.com/ 0
48 B 28ms
28ms Image
text/plain 108.128.89.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=NV_LOADED&page_url=https%3A%2F%2Fdr-venture.com%2F&pub_id=406321312659913&channel_id=5a2915c828a0612027240b86&placement_id=plt2Nm1i5XpAKdoiI9s&ad_unit_type=2&session_id=t9k8j339tm6v&focus=true&player=playerVI&build=m&pageLanguage=en-us&placement_w=1120&placement_h=0&time_delta=4974&requestedCategories=IAB1&requestedLanguage=en-us&position_on_page=74&playlist_pos=1&matchedCategory=IAB1&targetingCategory=IAB1&mobile=false&floating=false&nv_video_id=Xmwu0G8B_6S3bUqP4TuR&nv_source_id=101&nv_feed_id=181&in_view=false&cb=1f55
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.89.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-89-252.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:30 GMT
server: fasthttp

GET
H2 204 /
t.vi-serve.com/ 0
48 B 28ms
28ms Image
text/plain 108.128.89.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=INFO&page_url=https%3A%2F%2Fdr-venture.com%2F&pub_id=406321312659913&channel_id=5a2915c828a0612027240b86&placement_id=plt2Nm1i5XpAKdoiI9s&ad_unit_type=2&session_id=t9k8j339tm6v&focus=true&player=playerVI&build=m&pageLanguage=en-us&placement_w=1120&placement_h=0&time_delta=4975&data=lazy:off&cmpFramework=false&gdprApplies=true&gdprStatus=none&consent=0&segments=&brandSafety=&position_on_page=74&playlist_pos=1&matchedCategory=IAB1&targetingCategory=IAB1&mobile=false&floating=false&in_view=false&cb=a51b
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.89.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-89-252.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:30 GMT
server: fasthttp

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Xmwu0G8B_6S3bUqP4TuR.jpg
nv.vi-serve.com/vis-media/101/181/ 141 KB
141 KB 93ms
38ms Image
image/jpeg 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.vi-serve.com/vis-media/101/181/Xmwu0G8B_6S3bUqP4TuR.jpg
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: b228be3a30c1f2db99479e6ad51b846e40d9994c9396fdf3bb0700799fc22a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:30 GMT
x-sp-metadata: HS256.CMa9gp0GEocBCiQ3NzhjMzFhYy04YjQwLTQwZjYtOWYyNS02OGQwYzJmODc4ZTAQyPKN2e7Y8AIaBgi2oYKdBiIMMzcuNTguNTguMjQzKNCWAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOGM2ZjA0YzQtZGYxZC00NjNkLWE4YTYtYTE5ZTU2ZTA0ZGFkGKnlCCIYCAISFGNkczI4MC5mcjguaHdjZG4ubmV0.7hsG0g6gZSonbOHMyu/Sgrkn7A7JHdjM9ohzTF343Ls=
last-modified: Sun, 10 Jan 2021 21:04:51 GMT
etag: "1610312691"
x-hw: 1671467190.dop097.fr8.t,1671467190.cds161.fr8.hn,1671467190.cds280.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=71942
accept-ranges: bytes
content-length: 144041

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fe061d3da79d71cb8d7c2b7e72fc2b4e3affb446c1b3807e7e2ab5593988d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 vi_logo.svg
s.vi-serve.com/ 1 KB
1 KB 319ms
18ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.vi-serve.com/vi_logo.svg
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: UploadServer /
Resource Hash: 3d98123e0840ba76b93bf92147d2664fb0bc23cf37d61561e48fd270bbd0d1de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:30 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1548836449
x-guploader-uploadid: ADPycdv1qTiAp03MB84uTohMDsEwaedrMkIb8JiN3fzG0IdMJeWAEBiA6eLzpo7hh6cKvvj-H51Nwwuigxt06pofPkdcsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 558
x-sp-metadata: HS256.CMa9gp0GEocBCiQxYTFmNTllNi05M2ZlLTQ3MjktOGMwYS0wMWNlMTk4NWZkNDAQ8L6g2bHx+QIaBgi2oYKdBiIMMzcuNTguNTguMjQzKNCWAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkNjBjM2UzNzEtZjk1Yi00MWNmLThmZDMtYmQ0YzliZGZjMzJjGK4EIhgIAhIUY2RzMTM5LmZyOC5od2Nkbi5uZXQ=.avx3dzDT7lFjyWmYauUB461nqI0UfoA1nnodoDaTv3k=
last-modified: Wed, 13 Jan 2021 12:41:20 GMT
server: UploadServer
etag: "05a4f3361327a013163f93fd52d4f03e"
access-control-max-age: 86400
x-goog-generation: 1610541680744704
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=kHN4+w==, md5=BaTzNhMnoBMWP5P9UtTwPg==
cache-control: private, max-age=0, max-age=300, must-revalidate
x-hw: 1671467190.dop097.fr8.t,1671467190.cds161.fr8.hn,1671467190.cds139.fr8.c
x-goog-stored-content-length: 1193
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 204 /
t.vi-serve.com/ 0
48 B 28ms
28ms Image
text/plain 108.128.89.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=INVENTORY&page_url=https%3A%2F%2Fdr-venture.com%2F&pub_id=406321312659913&channel_id=5a2915c828a0612027240b86&placement_id=plt2Nm1i5XpAKdoiI9s&ad_unit_type=2&session_id=t9k8j339tm6v&focus=true&player=playerVI&build=m&pageLanguage=en-us&placement_w=1120&placement_h=699&video_w=1120&video_h=630&time_delta=5026&position_on_page=55&playlist_pos=1&matchedCategory=IAB1&targetingCategory=IAB1&mobile=false&floating=false&in_view=false&cb=acc3
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.89.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-89-252.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:30 GMT
server: fasthttp

GET
H2 204 sources Show response
call.inforsea.com/adserver/ 0
115 B 135ms
33ms Fetch 52.215.10.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://call.inforsea.com/adserver/sources?affiliate_id=5a2915c828a0612027240b86&VI_DOMAIN=dr-venture.com&VI_SESSIONID=t9k8j339tm6v&VI_WIDTH=1120&VI_HEIGHT=630&VI_PUBLISHERID=406321312659913&VI_AFFILIATEID=5a2915c828a0612027240b86&VI_CDIM2=406321312659913&VI_DNT=0&VI_SEGMENTS=&VI_BSAFE=&VI_OB_AGR=true&VI_GDPR=1&VI_CONSENT=&VI_CDIM1=101&VI_IAB=IAB1&VI_IABSHORT=1&VI_DURATION=413&VI_CATEGORY=Arts%20%26%20Entertainment&VI_TITLE=Top%2010%20Websites%20You%20Loved%20as%20a%20Kid&VI_VIDSEG=&cb=1gkljahve
Requested by: Host: player.inforsea.com
URL: https://player.inforsea.com/player.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.10.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-10-98.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://dr-venture.com
date: Mon, 19 Dec 2022 16:26:30 GMT
access-control-allow-credentials: true
server: fasthttp

GET
H2 204 /
t.vi-serve.com/ 0
48 B 28ms
27ms Image
text/plain 108.128.89.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=WARNING&page_url=https%3A%2F%2Fdr-venture.com%2F&pub_id=406321312659913&channel_id=5a2915c828a0612027240b86&placement_id=plt2Nm1i5XpAKdoiI9s&ad_unit_type=2&session_id=t9k8j339tm6v&focus=true&player=playerVI&build=m&pageLanguage=en-us&placement_w=1120&placement_h=699&video_w=1120&video_h=630&time_delta=5166&error_msg=no%20ad%20sources&position_on_page=55&playlist_pos=1&matchedCategory=IAB1&targetingCategory=IAB1&mobile=false&floating=false&in_view=false&cb=c28d
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.89.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-89-252.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:30 GMT
server: fasthttp

GET
H2 204 /
t.vi-serve.com/ 0
48 B 29ms
28ms Image
text/plain 108.128.89.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.vi-serve.com/?event=WF_END&page_url=https%3A%2F%2Fdr-venture.com%2F&pub_id=406321312659913&channel_id=5a2915c828a0612027240b86&placement_id=plt2Nm1i5XpAKdoiI9s&ad_unit_type=2&session_id=t9k8j339tm6v&focus=true&player=playerVI&build=m&pageLanguage=en-us&placement_w=1120&placement_h=699&video_w=1120&video_h=630&time_delta=5166&position_on_page=55&playlist_pos=1&matchedCategory=IAB1&targetingCategory=IAB1&mobile=false&floating=false&nv_video_id=Xmwu0G8B_6S3bUqP4TuR&nv_source_id=101&nv_feed_id=181&in_view=false&cb=0ce3
Requested by: Host: dr-venture.com
URL: https://dr-venture.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.89.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-89-252.eu-west-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:30 GMT
server: fasthttp

GET
DATA 200
OK truncated
/ Frame DF35 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb857572bac62cdf240ddca8f40e66a7d852d5f8c1493d49a6a86cb2c11a994d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame 394D 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 14:57:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF35 0
17 B 57ms
57ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP4YAs5CgY7S7CrTdtOUPhvmskArqv8WBboyA1NKKEMCRmNGLDhABIIqB_ytglcKmgrAHoAHvnf_bKMgBAakCd-czwSogez6oAwHIA8sEqgTKAU_QUc84BuqjICtrjEsuqAMcpHYU-rIG419ERoss8FWlTLnlk8qULLyO84OIXAW9XdLIR6loigAb2avma4TSZEnC0iuJsQsoE96F2bsbKBt0SNjwwajnCiMsIhQQCWqjARMbBBX29YTtQjhdKk5elXhw8YO0_yvRUd4DIm8m3tQTAB34991dSKp9_WvOa_2IanU0T3WsUuwYAPzVL0zKPXDGwmPeOZG0t9pRXkcxk7mvZwWO713xWyl0pPJ-La-vvmYtiA2NDqZhdynABKmtkrP-A5IFBAgEGAGSBQQIBRgEgAeew9W7A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO3yBdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQE0BUBgBcBshccChoIABIUcHViLTkxNDYwMzA3MDkyMTAxNDkYAA&sigh=7eW5Do-zilY&uach_m=[UACH]&cid=CAQSGwDq26N95uoBGPnKmcylW2AREmfL_2um56iwPRgBIBM&vis=1

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 16:26:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5111609000590128358/ Frame AC6C 10 KB
10 KB 14ms
14ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5111609000590128358/14763004658117789537?w=300&h=300

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8959934cf66ccc66936bd38481c48532a1bdfe886bfd30e044c0323a8cef087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 02:16:45 GMT
x-content-type-options: nosniff
age: 137387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10225
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 12:30:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 02:16:45 GMT

GET
DATA 200
OK truncated
/ Frame AC6C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 550f4e09b3b067fc19934ab5f7442dcbaa91bf42a1f718537b089627e941ae53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC6C 0
17 B 55ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C10CZs5CgY7W7CrTdtOUPhvmskAqYqc-CbuS7vbKLEeCagK2RDhABIIqB_ytglcKmgrAHoAG3mIGiKMgBAakCd-czwSogez6oAwGqBMoBT9DM2D5T-UJqF0-mF8IXR9jJJmQ6Xu_b_msk8uzV1nQ2gPBHSItMuDJxFcNKdVmxFf-ra4bxf9jPOkl0CKHz8zfGL0cC6zjPZfazSvVDDoDGtdsh_T-v5mA-2YRQOYsLXdG5csmGtkVbYvV4SVNnSPEPBMBdfShq8h7TGxM-A1UV221Jkb47xSPsazNB47cdk9YDUDgTOC4CBp-amxDUcBVuwjvopCZTQLIpDGJl_N29Tz1NoQkH7boR65fGwuc7vlv1G-FWDn7NAMAE_qXovJcEkgUECAQYAZIFBAgFGASAB6vPjboDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6a0D0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItOTE0NjAzMDcwOTIxMDE0ORgA&sigh=mfqg2NQLKCo&uach_m=[UACH]&cid=CAQSGwDq26N95uoBGPnKmcylW2AREmfL_2um56iwPRgBIBM&template_id=5001&vis=1

Requested by

Host: dr-venture.com
URL: https://dr-venture.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Dec 2022 16:26:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 63ms
62ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deba02df6a05ec22dbf9955ce2d8636c239bc5a1a1e59b45a7de69fe06e81006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11131
x-xss-protection: 0

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame F718 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 14:57:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 16:26:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ACB4 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 15:38:14 GMT
expires: Tue, 19 Dec 2023 15:38:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D7FE 783 B
535 B 25ms
24ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f778ee0be3f12d5c1c8be40158f8a4eefa46c86eb2351134ff2a7229f80d673

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iJcPPL_w0HU9lggJ4rj5pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dr-venture.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-iJcPPL_w0HU9lggJ4rj5pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 16:26:32 GMT
expires: Mon, 19 Dec 2022 16:26:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js Show response
pagead2.googlesyndication.com/bg/ Frame ACB4 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16025
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 14:57:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D7FE 0
0 48ms
47ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4241738700696463&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ACB4 0
11 B 13ms
13ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zJrbiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:26:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4241738700696463&bg=!bm2lbSnNAAYgquz3AKo7ACkAdvg8WhRovPN5j1vD3wKpfVyUVOT_t7BfWLjbDj38YwWZlzqP7w7r0QIAAABJUgAAAANoAQeZAtwqX48cbYKST-AjIAfTHkDKCNM-bqjCgFhyyG4zujmtYuygH5vrwP9nvojchCKH3io105FWugfeRKUZ0CNRRpCUxhiAO4R2I7wKTEhG6PBOJwsplwraiwbxlT-azQSZwKRvW0j7YmH__Idx3JTPGrMNoxTGhKXhcGDMj63K24w1VeKP2WD-CVxpBDk7jAJc0Cn7ZD7DU8i0irO8wXRZ7K2ht0jyCLruYCoX0hPpnScFTvB-rkvrrnvyEzyhUnXRlI_ftKI0myVfwNW11-cLv__WuxVny_zpuV-MIievkwJJicsSa6hjnZfxSK5gFELRrXYDjPefKWPyPcAVT1LjMaHyhFZGLa8Yzr7KVU_whTQoRsOEKWpm7wYXMACoKI0TTOjXKyEyvjIP_-kdLHuzdsF6X2KHuvKGUfA0TD9w3ScYHn7WyQMIGLjbtezqgR-TMrf7KWIYrHjihCT7Of9P1n4rl4RS22NDBVU2k1pEyy0VoejyGv8yldTISmiN0DWJjCM3B8Ii7fz4uCXPpojrAY8Q9DML30f05_ghu22jiG4DgePAxtV-a4QLFmPbiomtJEm-OHM9W8H8Qf9GdwpFDpQjB-ME4Nnst5QgGXZW42d3gf8hC_C0DzecQUau7jFXYFI0zAScSfBpE59WRgxCsX0JuxkyhQ903EfigWF6Edf3_0-YXb4koBXuD_vyFVbSKNd36M0OFsOzkUUnq0gaDeerMvFq5A-4jN8h_J5CFW1jpQf7qcrq9p61EH2hGnBPFAb3-dY-SajqHzz9HB_VdpVWNmPM00Yru_Bu4_2R96FfcKZY9lEx1GU8vnbDiVmv27ks9ot_UTgzFOQpwYvVNqITCvke14ZxO2EbjU-QyADo5BVajVNRZFK3iPxagdqkS-0d78-pwi45FkXeoLw0wzktwE2YheQBlbzqby9WRUOTAU-_6kdtOLzwn_RxEbqi1a_Hr4i-5VO_QzBXf8M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dr-venture.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF35 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslky4fs1iNwt0wOcqH3iDiaquk3okdTHEXMF6uQGacYpeLxcH5FwNaExJqMywkPNBXQjYrXT0l65OFbvS9QFGhu7gPWaqrRT8ZAD1eN9nkpulcxbjcgGUq301bY6idDpHwL7jdHQ&sai=AMfl-YQA2pTK7AXMmOgDaX77W5ee3TmDhOH1PWH0nerMptGpaaViCm5xAOqX4Z5Qzh5Giib2nNgInRK8xzmRxXA&sig=Cg0ArKJSzHRF734BHRtXEAE&cid=CAQSGwDq26N95uoBGPnKmcylW2AREmfL_2um56iwPRgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671467188374&rpt=3631&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E10D 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxKxsjx3CfUlXY54BC1Eh7Eltkawls48PO4lTJl_1b1AF4QadUm7EhdsxmnOAW2xKDmqgBpyD8YEQl2-vLtjgnbM7flpQ9OHUAr-s2R2sh69WQ5dSH6wtfFPZP7hADRfB94wBhmw&sai=AMfl-YR8TxxTzd6J0jVFR9uSOZ3KJIEk44Xtaj_SMDVW02c_XijM-RIF4PQEWaN0az_EaLiVpsy_a2OSZVlZVbo&sig=Cg0ArKJSzFiNqQGQfPR-EAE&cid=CAQSGwDq26N95uoBGPnKmcylW2AREmfL_2um56iwPRgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671467188378&rpt=3692&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC6C 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDgqbLcHbez3k0EWpEby0CJ_mKw9guyqW61v8NUka79gVXb67Kgx9BbeAoz3s9k4jwsqzpTL8tqK-x6Bb5QYdjCDrFxXJydCWPq1cz5j0J8t9M3LLLCibankfLkeDyD7crrdavHg&sai=AMfl-YSV4LGo72cfo5gqmEh6zZkrvLSL0Y3zuIlWjnHSCPIVasK8bkGkG3AY7TZTrJPD4jxilt_p785WMqRLeso&sig=Cg0ArKJSzJqtgTHOY3WdEAE&cid=CAQSGwDq26N95uoBGPnKmcylW2AREmfL_2um56iwPRgBIBM&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671467188376&rpt=3673&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 16:26:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: qFcX-dFbeTI
.youtube.com/	1970-01-20 12:36:59	Name: VISITOR_INFO1_LIVE Value: T-Hu9yIVL2A
.dr-venture.com/	1970-01-20 17:39:23	Name: __gads Value: ID=0db333166cc90fda-22ed292227da0076:T=1671467187:RT=1671467187:S=ALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw
.dr-venture.com/	1970-01-20 17:39:23	Name: __gpi Value: UID=00000b94c7d0358b:T=1671467187:RT=1671467187:S=ALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg
.doubleclick.net/	1970-01-20 17:39:23	Name: IDE Value: AHWqTUkXmzFrT08nXyoIZCQSPqJb3l1oJNQhP8_nnPsstP9ijY6HxHvfpko0O0cFDW8
.doubleclick.net/	1970-01-20 08:17:48	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:17:50	Name: DSID Value: NO_DATA
.dr-venture.com/	1970-01-20 17:53:47	Name: _ga Value: GA1.2.1364103228.1671467187
.dr-venture.com/	1970-01-20 08:19:13	Name: _gid Value: GA1.2.933776991.1671467188
.dr-venture.com/	1970-01-20 08:17:47	Name: _gat_rumble Value: 1
.simpli.fi/	1970-01-20 17:04:49	Name: suid Value: 93EF89FEC9FA4325B99FABC3F035BD0A
.adform.net/	1970-01-20 09:02:25	Name: C Value: 1
.adform.net/	1970-01-20 09:44:11	Name: uid Value: 4599775901435994339
.lijit.com/	1970-01-20 17:03:23	Name: ljt_reader Value: F186qGZHzNsa4Lq_TWeIn06k
.tribalfusion.com/	1970-01-20 10:27:23	Name: ANON_ID Value: aXnseFOZb3VhUEjUAvMilBCPHv44M6gq26iaGhZdKthMaZbj2VxwCUTXCaMkJ6wOO2ZclaBlrATh7S0QyBydIZbvS
.awin1.com/	1970-01-20 08:22:06	Name: awpv11354 Value: 412871\|1671467189\|e45c6091-7fb9-11ed-9792-223985e9a9b7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 08:24:59	Name: HTLP_timestamp Value: 1671467189
www.conrad.de/	1970-01-20 08:24:59	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 08:17:48	Name: __cf_bm Value: ws.SiFBvYXvSR2NAO.W0nmqHF3TYeYnRQuj5YrVI1xo-1671467189-0-ARpZapdXFyby5e5xudHdY+cGuoPbvvh7Uu7/orc6rmtqD+F2m6jLGAtjYhqOaEVi5kNbL1Sz84oKc3gQA2CXYVQ=
.blau.de/	1970-01-20 08:27:51	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MTQ2NzE4OXZsZWExZGUyMDIyMTIxOTE3MjYyOTc5NjUzODQ5NzY1WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/	1970-01-20 08:27:51	Name: nscQ486 Value: V
.blau.de/	1970-01-20 08:27:51	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022121917262979653849765X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/	1970-01-20 08:27:51	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTQ2NzE4OXZsZWExZGUyMDIyMTIxOTE3MjYyOTc5NjUzODQ5NzYzWDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/	1970-01-20 08:27:51	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 08:27:51	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022121917262979653849763X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTQ2NzE4OXZsZWExZGUyMDIyMTIxOTE3MjYyOTc5NjUzODQ5NzYzWDExNzcwM1YxMjI2MTMyNzAyT

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=592268767&adf=783291480&pi=t.aa~a.2723371507~rp.1&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kYVASgQe4w&p=https%3A//dr-venture.com&dtd=23 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9590821348355910724/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9146030709210149&output=html&h=90&adk=592268767&adf=783291480&pi=t.aa~a.2723371507~rp.1&daaos=1671443338576&w=1200&fwrn=4&fwrnh=100&lmt=1671467188&rafmt=1&to=qs&pwprc=5211295787&format=1200x90&url=https%3A%2F%2Fdr-venture.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671467188308&bpp=1&bdt=2333&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0db333166cc90fda-22ed292227da0076%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MZr0yLLSGruWyXg0xPP15dRfeY7xw&gpic=UID%3D00000b94c7d0358b%3AT%3D1671467187%3ART%3D1671467187%3AS%3DALNI_MbG2eb5Hv9mqUw59_V_UqlL2CjUAg&prev_fmts=0x0%2C1200x280%2C1200x90&nras=4&correlator=6918969211467&frm=20&pv=1&ga_vid=1364103228.1671467187&ga_sid=1671467187&ga_hid=541984571&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071250%2C44779794%2C44773745%2C44780792&oid=2&psts=ACgb8ttAaobYYydvsaZCVVzw0Eaq0WGFxTvJvzNjqmK7w7QiGF2cVjTQkoDzFEGMZgxKa003nTbMOrZeQF9SoKTj&pvsid=4241738700696463&tmod=1778609080&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kYVASgQe4w&p=https%3A//dr-venture.com&dtd=23 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9590821348355910724/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ap.lijit.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
call.inforsea.com
cm.g.doubleclick.net
dr-venture.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
jnn-pa.googleapis.com
nv.vi-serve.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel.inforsea.com
pixel.rubiconproject.com
player.inforsea.com
prod-rtb.ad4mat.net
real-debrid.com
rtb.openx.net
rumble.com
s.tribalfusion.com
s.vi-serve.com
s.w.org
s0.2mdn.net
sp.rmbl.ws
static-de.ad4mat.net
static.doubleclick.net
stats.g.doubleclick.net
t.vi-serve.com
tpc.googlesyndication.com
um.simpli.fi
vis.vi-serve.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
z-na.amazon-adsystem.com
108.128.89.252
108.167.183.87
142.250.180.230
142.250.184.194
143.204.95.64
151.139.128.10
172.98.57.106
192.0.77.48
205.185.216.10
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6812:19ad
2606:4700::6812:7f05
2a00:1450:4001:800::200e
2a00:1450:4001:802::200a
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400d:803::2006
2a00:1450:400d:807::2002
2a00:1450:400d:807::2003
2a00:1450:400d:807::200a
2a00:1450:400d:808::2002
2a00:1450:400d:808::2003
2a00:1450:400d:80c::2003
2a00:1450:4025:401::9a
2a10:13c0:ef1c::11
35.186.253.211
35.204.158.49
37.157.5.142
51.89.9.254
52.215.10.98
52.49.220.212
54.217.203.96
69.173.144.139
72.251.249.13
84.200.5.215
88.99.63.132
96.16.147.165
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
01e04f14dd4bcaa0c53ed4f6413004e3fd8e6ee6555d2d8fed7faef304d4f476
022f474afc5749850b98dd19ed71a3ef48a8ac19a0bed7dff972fd611d6b23fe
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
04866acb939ad09defe832c7cc73ee7aba1a09b90a5f84c6b7936aa41d7c1167
06ab43549ce481a78bded48c690a7f7454951077e3f82277a59fc73c9e001f3f
0a2826f5675bb03987c50fc19764f29d51e8cce8361a4ba175064458d8773955
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ebdc9a5695003e64631aaac60c195967ad1bc1f2b9e2ccc0a382582b59cb1c3
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
132858a7a793814411def5f66c77fb9be9436be9bb8be5b8a55ca16630aaaa78
138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47
14626e6a31e0abd24d5c6c12e5d2643263a6a4943a6d2e80f8cfaa1a122e3428
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526
1850a40fbb0e52b2de821792ddc4ddeb9dedcf0cc66d5c8401592b637fcd559b
18f36558effb7463469e4087110bf188536e4942a0e3be8739d7ecab34fab4de
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f
28900abcde1856c660faad313bf08bf7a4422c455e556c3c686f219257194f4a
2ac429a18eaa50df6c5301709aa0a7d1f6f517557d1964307fae83ea119f55df
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2cf36db60052cb77ccd69f0ab3694ca342a314f6c19225d2966c03f47eca2553
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33594c17b6d9ff594fd7314b2ef736acd49253d65476f283e18bde4552e436c2
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
396cce6d977e08c42a8b3c661f82a15c423a599ba15278216b083f27a497fa6d
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
3d98123e0840ba76b93bf92147d2664fb0bc23cf37d61561e48fd270bbd0d1de
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e93f4942e058686557340578ff028bad3d4696e0533b0714b3c8ab461685a1
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
447abe420c9c6389df137a77e34ace3afcb8d0dc047be85df62242f51cd68c62
44835f625dd9869935218f678329b6d2ea92eebabfefcae0dde7318a8fbf6f3f
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49e62b72e459e2dae90ea8389ecc1873a51c205c791aa422d43f58130c0c8191
4a23d9860ea4d30755d87282807a059602cf072b1d0a8d334076689aa8fa2d00
4a25eb6972f4a513da7ead5d8c0f74832ed42b1ae5e1f13ed3ea36f0865a59c9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b5a7cced9aeeeae64a8ce241d2cec7dbcb0b0940a6f7fcf4eb16a2e48248069
4c0c4ac934e1f5065090ad406d769f40c5f5028331e9f504bcd9714047d238e9
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d77845fffdfcc5ad279366520e7f994a6ef105ff738d8d2be931c202523b3ad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2ec7f12773fe6dd5e9fbede42ada504c194385e62043d4237cbd9f5a93d920
550f4e09b3b067fc19934ab5f7442dcbaa91bf42a1f718537b089627e941ae53
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c365bc96f65e0ea88341593cd90119fee6c0fcad6504e0ce0366a450293732c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cc630686190c6b0588372183c91c0981c79bfdbe03d7e019f581da24c48cedf
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d90660626f67e1509d3a88c930a94d9ad00375ae7b1df202adb9a95504cdee5
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5fe061d3da79d71cb8d7c2b7e72fc2b4e3affb446c1b3807e7e2ab5593988d5b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626fac48c1563270e97696f67537652210083112b27c056b36d78d6a5026b509
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6678f5308a4fd9620f440c3e6433920f9a09a9d6465a13888d9638aa23d70191
66dd4e5c21b276f0f6302f05a0acfaec62edc461993593a028dd7113923f704f
6b04406ab28a88a04e286448850d93efe32d0ae95a20e675ba191d0b9a3be9af
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6c9e9bd4e992b05389236894daba31e34cc03e95c1dcb18fdb229087df1606c6
6ece33be05682148470133b0321834dad4007cf718bcf4242115472bf5c0a73d
715e69ff474b5899408d3daf2b7aaa381caa312242f20014ffdfcb893b89b83b
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
735b3be23232701a18d29f7f71b6a4438d0ce347329596ff4493693409d80d43
73d2a8fcf9292509a74667b40fe3f9c46da8b8b96fd49f70aa57bb55dd7ca835
7c345ef59fb2b287237939e1cc8cc92028711602334db6d338990a01676f8e45
7e426bb18ce8efec13ca747d493e86c3e4931698d3a00e500136285f2eb50dc3
7f05d878ed95db8473d919873ef9f9c66d990a41126362ed39a11eb9715204f3
7f778ee0be3f12d5c1c8be40158f8a4eefa46c86eb2351134ff2a7229f80d673
818feb14a6479f4bef8582e0a6a3efaf784ca857e9ba45e633bd22e05214eadb
81aa28e1d4f2269c39cd849f8b3189a7d738745711549a5f0218b1bba8264c13
822fabf0a2a298fbc76858f1fb0b1a16237afb8aa98d28a0a95357c09c1783d1
8291de041583fb3d7ede573ad981768436707bfda8d8f1f658ce0509adc19da9
82bff6c6a46f8cad8fffffc5bd48b783422332110666c3a03483c6d7f0b94565
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
883dff47fea6a3a5858d9fc03d0fdca51571bf1c25153c45725fdef2a89c0f1e
8c0c45bcb1183a4df28e414510fb1a84da4f4dcb318bd990f22c436b1cc82897
8fb89bcb7ce1049b0403767264f46165f9d0b0a5681c38233d0c856a56acb90a
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9287925cae90ac480804094ff0876832065e2db116470da1f524d79ed9c18b70
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
95cead66ac9a869984cf2c615ddcae6c1ca46c77f75e32d644fa465086675e6c
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
97eec7f66cd1aa163ae5aa3222724d4c95dd9609e0c58fc47880ecf437f6423e
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5788f5868215bfccb5f254bb3117dac43e8dba4467bdaf42183765badc49cb0
a5f0389b387adbc47c850a6f005a0a899515e41263d9c990d2dc9170bbd83588
a7d633c875988334aa4ea7cba2e67041543451a5b6006c8f35147496eee628f4
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
ac78c8f735e2d541abe25e0234b8ea6796d53e1c0bd8c325b9298c82884e9bda
ae7653925acd2561dd4af55993a5a68381e8a2c64bfb3843ffb6b03137febeba
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
b228be3a30c1f2db99479e6ad51b846e40d9994c9396fdf3bb0700799fc22a11
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b27375090fa7a6b1b7953505ccce5ff008db3c23196579db5749f71f0f485304
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b44b18e9a6cced6ba24a25855c23095283dba1ddfad87bc68859d87463eac07f
b4edb1f7ee778f9d08fbbc4ca5425f55c7be20b9f2cb400352bbcec8d22e8e53
b817c9b9bb557b34222c4598548f3569a7c8f2bb30b796a6c92d47dd740e4271
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
be5a9e7bcbc5af3b986767a8193c1d9dbb9c7bd2368ba33c25eff7bd7a76987a
bf8c713d2545b889e4ce9390e47c47a4a146649320f91ca11006bc948944ec4e
bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89
c0714a54d371fbcbda2fc9d7ac150d14d188f37de5da47cc9f101482af15cf97
c1bc98f188a5797fcbe67ffd72028347b81fb7cafca30994789f953694e81c9e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c46e610e7811a163f1c6531cd767fef1049596c420ef1b59b934200246a96589
c493875ea907c37e2ef7b9560f75ad5dd918121a0f42889eda351ccab0373eb1
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c56e851a0803c43ff8adb5caeb0caf6439a99d0991deceff878a4124dca317d9
c9f8ab9f8bfaf9dee0b5b375738cb4bde8bcfb26a1c403f1de1bae56bb021e79
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd689d9f8e942eb70920a27adcbd2cbe84e0ccbfd3daf59aa57d952d8ebb987f
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d05f3a54518cd3ac3a4e9b4cf8c5f0deab037e659299f66a534d00fe10618b64
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d8ae0e56e78597d6360e0414333c797e5d978960dccf9d1ff9ea8b523b526bb0
d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a
de57b295a57b37467fb719f67540c8a6da9229d349cec50a405c3adebed84ded
deba02df6a05ec22dbf9955ce2d8636c239bc5a1a1e59b45a7de69fe06e81006
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8
e2050ed4a8ab3f74cc1a26ef380fdacc9004ec320d33bb088fccdbeef36cb657
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8959934cf66ccc66936bd38481c48532a1bdfe886bfd30e044c0323a8cef087
edc5884e70a6ab8328de150020fb2b697bb276a3c7f4fb7d99d53522da28bbe5
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f55adf513d69a3adfa6d9faacf8be18cc918a103a1da9a19cfba112784d78ff0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7110646817c23ad841973838ce6adf0e546c749ddbefe1ac8b9a5130fccfa4c
f756fcd9c73ee679d4d461d075af97937712945000ca336d1b4fe4c1a5a6ed7f
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fa83d88daa21aed351bbb2337059e617218514443dbc4a8997af406a98bf3460
fb857572bac62cdf240ddca8f40e66a7d852d5f8c1493d49a6a86cb2c11a994d
fd257c43a28b7a8c1f06f8dd386a062c2c5ddde288c9f6560140c4a398cafa3e
fe41a7936fba4a26a21face5fbb35961e74b9b11eb9e78fa26560f6986be6ed8
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

dr-venture.com Open in urlscan Pro 108.167.183.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

279 Requests

96 %HTTPS

54 %IPv6

34 Domains

53 Subdomains

39 IPs

8 Countries

4257 kBTransfer

12949 kBSize

26 Cookies

8 Outgoing links

Page URL History

Redirected requests

279 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dr-venture.com Open in urlscan Pro
108.167.183.87 Public Scan

Screenshot
Live screenshot

Full Image

279
Requests

96 %
HTTPS

54 %
IPv6

34
Domains

53
Subdomains

39
IPs

8
Countries

4257 kB
Transfer

12949 kB
Size

26
Cookies

279 HTTP transactions
8 data transactions