www.virten.net Open in urlscan Pro
2a01:488:66:1000:b24d:4dbe:0:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.virten.net/
Effective URL:
https://www.virten.net/
Submission Tags: falconsandbox
Submission: On July 04 via api (July 4th 2022, 2:05:39 pm UTC) from US — Scanned from FR

Summary HTTP 156 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 8 countries across 31 domains to perform 156 HTTP transactions. The main IP is 2a01:488:66:1000:b24d:4dbe:0:1, located in Germany and belongs to GODADDY, DE. The main domain is www.virten.net. The Cisco Umbrella rank of the primary domain is 820206.
TLS certificate: Issued by R3 on June 19th 2022. Valid for: 3 months.

This is the only time www.virten.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2a01:488:66:1... 2a01:488:66:1000:b24d:4dbe:0:1	20773 (GODADDY) (GODADDY)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	108.161.189.78 108.161.189.78	33438 (STACKPATH) (STACKPATH)
1	18.64.99.206 18.64.99.206	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	161.35.94.188 161.35.94.188	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	94.31.29.32 94.31.29.32	33438 (STACKPATH) (STACKPATH)
21	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.225.206 52.214.225.206	16509 (AMAZON-02) (AMAZON-02)
23	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	3.122.145.17 3.122.145.17	16509 (AMAZON-02) (AMAZON-02)
6 6	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
6 6	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:ed0:32e:1209:a188	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
1	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
156	29

20 2a01:488:66:1000:b24d:4dbe:0:1 (Germany) 1 redirects

ASN20773 (GODADDY, DE)

www.virten.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (STACKPATH, US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.99.206 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-99-206.txl50.r.cloudfront.net

z-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.35.94.188 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-16.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.31.29.32 (Islington, United Kingdom)

ASN33438 (STACKPATH, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.225.206 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.145.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-17.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.252.103 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.18.126 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:ed0:32e:1209:a188 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.131.136.1 (France) 1 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

jpp.aircaraibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
frp.geant-beaux-arts.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	141 KB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	770 KB
20	virten.net 1 redirects www.virten.net — Cisco Umbrella Rank: 820206	272 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2826 ad4m.at — Cisco Umbrella Rank: 2219 assets.ad4m.at — Cisco Umbrella Rank: 38009	493 KB
11	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	1 KB
6	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	6 KB
6	openx.net 6 redirects rtb.openx.net — Cisco Umbrella Rank: 1589	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	212 KB
4	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 629	289 B
4	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1107	2 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 635	632 B
2	metaffiliation.com 1 redirects action.metaffiliation.com — Cisco Umbrella Rank: 59106 img.metaffiliation.com — Cisco Umbrella Rank: 39801	135 KB
2	agkn.com 2 redirects d.agkn.com — Cisco Umbrella Rank: 557	1 KB
2	mookie1.com 2 redirects odr.mookie1.com — Cisco Umbrella Rank: 907	749 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1872	1 KB
2	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3023	754 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 101581 static-de.ad4mat.net — Cisco Umbrella Rank: 150263	4 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 25125	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 14119	738 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2694 pixel.wp.com — Cisco Umbrella Rank: 2487	3 KB
1	geant-beaux-arts.fr frp.geant-beaux-arts.fr — Cisco Umbrella Rank: 504935	2 KB
1	aircaraibes.com jpp.aircaraibes.com	2 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1383	296 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	644 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 15811	1 KB
1	amazon-adsystem.com z-na.amazon-adsystem.com — Cisco Umbrella Rank: 6869	8 KB
1	servedby-buysellads.com m.servedby-buysellads.com — Cisco Umbrella Rank: 23302	18 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
156	31

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
23	cm.g.doubleclick.net	googleads.g.doubleclick.net www.virten.net
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.virten.net
20	www.virten.net	1 redirects www.virten.net
15	pagead2.googlesyndication.com	www.virten.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	assets.ad4m.at	as.ad4m.at
6	ssum-sec.casalemedia.com	6 redirects
6	rtb.openx.net	6 redirects
5	www.googletagservices.com	googleads.g.doubleclick.net
4	image6.pubmatic.com	googleads.g.doubleclick.net
4	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	pixel.rubiconproject.com	3 redirects
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
2	d.agkn.com	2 redirects
2	odr.mookie1.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	pixel.everesttech.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn4.buysellads.net	www.virten.net
1	frp.geant-beaux-arts.fr	as.ad4m.at
1	img.metaffiliation.com	as.ad4m.at
1	action.metaffiliation.com	1 redirects
1	jpp.aircaraibes.com	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.virten.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	www.virten.net
1	srv.buysellads.com	m.servedby-buysellads.com
1	stats.wp.com	www.virten.net
1	z-na.amazon-adsystem.com	www.virten.net
1	m.servedby-buysellads.com	www.virten.net
1	www.googletagmanager.com	www.virten.net
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
156	40

This site contains links to these domains. Also see Links.

Domain
registry.terraform.io
avinetworks.com
twitter.com
de.linkedin.com
www.v13g.de
wordpress.org

Subject Issuer	Validity	Valid
www.virten.net R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.servedby-buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-01-17`	a year	crt.sh
ws-na.assoc-amazon.com Amazon	`2022-01-17` - `2023-01-16`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-03` - `2022-09-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-06-18` - `2022-09-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
jpp.aircaraibes.com Gandi Standard SSL CA 2	`2021-08-18` - `2022-09-02`	a year	crt.sh
frp.geant-beaux-arts.fr Gandi Standard SSL CA 2	`2022-02-10` - `2023-02-25`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.virten.net/
Frame ID: 43A2AC2B0414FDBEDE49CC9E55A33667
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: F5B595B60C7B5527DC7400C8E1069219
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&adk=3105533540&adf=2621220088&lmt=1656943532&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.virten.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531943&bpp=5&bdt=1338&idt=164&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6486803413057&frm=20&pv=2&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=238
Frame ID: 295CE1AEF7666B23C6DB09ACC7F6462C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3002269269&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531948&bpp=3&bdt=1343&idt=290&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jg98pLIVQS&p=https%3A//www.virten.net&dtd=297
Frame ID: B0C307C6DCF368B5008158F185D56BF4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325
Frame ID: 81D279184932B4D0DD7FE7006192D4DE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378
Frame ID: A9773D896F6C8B707A8DA2497B91585F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415
Frame ID: 8CB65492E12CC75CB03DCA7294446898
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429
Frame ID: 8FE758767B8EFA9A79393C331DE4CFE7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5F69D60BB0564122B1A8D8103E655394
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1yBirPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoEwwFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5QuILgUSJ2PJtI5EoKlelhVpqyUr5phYT5NBo8q_evIUdb9moyMgyABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3NjU2Njk3Nzg5ODA3MjcYAA&sigh=-6L04NyemK8&uach_m=[UACH]&cid=CAQSKQCNIrLMHmnBvSBKR8wIHFTSGI8X2X_v0R2n99C7H4XddawGYEAfbDVMGAE
Frame ID: B1B9957A155B3665E078E794349EC590
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hettabr9vch7pwk6cn9kd9ee46nqahq875fzf71mkrsa7mqrtkp7fk7ha052bmpxr7r28swyn7hcg2f0m12k54d0e6nbcj9wzqfajrdfr2gpd8cm9vt13tq7t54gyx8mfz7gmx58w154hd1gs1h7en7yqccfbgj57hj0ead6mby7n8zv2fc7wdrkewf53ra57njp3nm82vxfq2y7ejc77tk4wbm3y981bn1zp8j4dedbrkfsft23y029w2vsm7qsxhqq8nckzcsnn594tcd0h8hcfn14z05qy30hpz53jsf0z4yphejzpeev31hkh81gp14vnnsm4vrnzk7rc8jmma8p8wqndbaj1b7q5b3fy10zdwnacf3m9v84fbmc5pvtybvdgw8nd07ztfh8ft6cds3z0810xdawgw3s02gxza0jzk3gad8phpz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%26client%3Dca-pub-9765669778980727%26adurl%3D
Frame ID: 147997D65C83BC20A60B66A2CE2E233F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3FF5289C8D1E313DB3D56BA69A85E19B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3C4017050A2FFE34E200A960EC287C76
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06AF9DC2E3AED506B7F7A51A0FFBCABE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F8ED9C3CB741937BF895D097C547D84D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B87DE84973644ADE310DAD3A14B0BE9D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EF8B31A9992302F2AA64D4B9D0CD5F3B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63AAED23E115554C6FA56AE8E3C2D8BE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 7FFF55A9E62631161DA14AB2636E8F38
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 3FEC91B6134AC9A6323D753B5C7CD125
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 1EE8FEC5B4B21EBB9ABF3DED4E84820F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A236ABB2D03107A62C57CBA70B703445
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 7B5F943F2B15E4AA2921005623342ECC
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Frame ID: 24CA20368CF50352583FF0776AA4507B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B41CDAFE94D10C2DC16A64F466C6D2B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAC7682DAAC04479D1438213FAE02DA3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

virten.net

Page URL History Show full URLs

http://www.virten.net/ HTTP 301
https://www.virten.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

156
Requests

87 %
HTTPS

49 %
IPv6

31
Domains

40
Subdomains

29
IPs

8
Countries

2123 kB
Transfer

4190 kB
Size

44
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://registry.terraform.io/providers/vmware/avi/latest/docs
Title: Terraform AVI Provider

Search URL Search Domain Scan URL

URL: https://avinetworks.com/docs/latest/api-guide/
Title: here

Search URL Search Domain Scan URL

URL: https://twitter.com/virten

Search URL Search Domain Scan URL

URL: http://de.linkedin.com/in/fgrehl

Search URL Search Domain Scan URL

URL: http://www.v13g.de/
Title: www.v13g.de

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.virten.net/ HTTP 301
https://www.virten.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCsNc0dscL3wKq0RwbpL7bo-nFsJo_MmJfYjWaIRVcIq5fpgCLe1aUTx1eYlgsC2x1vW9URUgbZ_fysM2V-fTkkts2poN_q&google_gid=CAESEEXxAZF1_ffApC8EhP2a-W0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFCRzdjWW5sZA&google_push=ARnp8GCsNc0dscL3wKq0RwbpL7bo-nFsJo_MmJfYjWaIRVcIq5fpgCLe1aUTx1eYlgsC2x1vW9URUgbZ_fysM2V-fTkkts2poN_q

Request Chain 94

https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GDDjloTBBS8UOZ1n-1RSLvD9QMz3lnmEqebT-6W_Tjd1NOATw6-5SauSofDAwan6U1Z7eae-YzRkNQnWeGY2qMU3QZKivnf&google_gid=CAESEKgTI0AoRD7Xc8bU49bCdh0&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK3ni5YGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUm5wOEdERGpsb1RCQlM4VU9aMW4tMVJTTHZEOVFNejNsbm1FcWViVC02V19UamQxTk9BVHc2LTVTYXVTb2ZEQXdhbjZVMVo3ZWFlLVl6UmtOUW5XZUdZMnFNVTNRWktpdm5m HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwajluLTJfZEVaX3JucTBDQVV1NU10TU14NEdBYVQ0TzJVWE5nemdRWFBoVQ==&google_push

Request Chain 95

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GBTboIsa9UQ2w2U1UFh7N9lGidUps5q3ppHuEsK-p23uNwjubMM2etFdA1Ksb0Z2pdlp5tRNDRQX_uEwBJVyCy6zKvsM1A4&google_gid=CAESEHgYOJCLhrttOgdWoAMLjV0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GBTboIsa9UQ2w2U1UFh7N9lGidUps5q3ppHuEsK-p23uNwjubMM2etFdA1Ksb0Z2pdlp5tRNDRQX_uEwBJVyCy6zKvsM1A4&google_gid=CAESEHgYOJCLhrttOgdWoAMLjV0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQxNDA1MzQwMDA4ODg5MTA4ODI0NA%3D%3D&google_push=ARnp8GBTboIsa9UQ2w2U1UFh7N9lGidUps5q3ppHuEsK-p23uNwjubMM2etFdA1Ksb0Z2pdlp5tRNDRQX_uEwBJVyCy6zKvsM1A4

Request Chain 96

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMT9gl5w6_cokR8I4EMDw8A&google_push=ARnp8GBhn1zOF-PsXzIy_M7HciXZun3zI6yakyui4QXxAZiwUzLv_PYHn4jGQU_5T_vHCtUAQykE0ucHgKnuyH6B--yqUyi2lUx_&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GBhn1zOF-PsXzIy_M7HciXZun3zI6yakyui4QXxAZiwUzLv_PYHn4jGQU_5T_vHCtUAQykE0ucHgKnuyH6B--yqUyi2lUx_&google_hm=MTA4MTg1NjEwOTk2NjU3MzMwNTU

Request Chain 106

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GA4lKHIn9qA8wa-kBtdjwljgSbTy77eOOZnzF46IkLU0i84RJLgdwXByQXNxiTaBaIKbunwWKQMv9MXy2UuyWZB6JifZ27eew&google_gid=CAESEE6WhS6RLCwOmTrxwY120es&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFBRlpqM1hsZQ&google_push=ARnp8GA4lKHIn9qA8wa-kBtdjwljgSbTy77eOOZnzF46IkLU0i84RJLgdwXByQXNxiTaBaIKbunwWKQMv9MXy2UuyWZB6JifZ27eew

Request Chain 107

https://d.agkn.com/pixel/2175/?google_gid=CAESEEo2lx_jU7hoG1H6vPhwlPY&google_cver=1&google_push=ARnp8GBBaqZ7bMA1USvpMEZdavbwplugSGCvq2W7W7k16mS8s5FPPInD079qvUqf1ZJtp-jCe6O5Qhfq4o3JRPsbeXKLzgj75Ye- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBBaqZ7bMA1USvpMEZdavbwplugSGCvq2W7W7k16mS8s5FPPInD079qvUqf1ZJtp-jCe6O5Qhfq4o3JRPsbeXKLzgj75Ye-&google_hm=Q0FFU0VFbzJseF9qVTdob0cxSDZ2UGh3bFBZ

Request Chain 108

https://rtb.openx.net/sync/dds?google_gid=CAESEPIB8eUYsi8ydEZrZ3-O6xk&google_cver=1&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJaw HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPIB8eUYsi8ydEZrZ3-O6xk&google_cver=1&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJaw&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJaw&google_hm=zkOc7fpBxiA5nW4wIlppqA==

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOuATYdYD9cjVg-Zem-7vuM&google_cver=1&google_push=ARnp8GAwA1JD9M-roxfYKRVpiZjxPaWmbOmYtaeTupW0Ugj-kRH6bqWnQ6fJQcQVfFt7sVOQw8gr3gtm29o9w8DfdV25l7_VZOqAcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkotMU8tQTk0Sw==&google_push=ARnp8GAwA1JD9M-roxfYKRVpiZjxPaWmbOmYtaeTupW0Ugj-kRH6bqWnQ6fJQcQVfFt7sVOQw8gr3gtm29o9w8DfdV25l7_VZOqAcA

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_cver=1&google_push=ARnp8GArLeyuJ3GgAkS9Ig7B-x3XuZECrlUJ37y4uCcqQDve1i4UBUEhIKBeyM6BFY-jmjbilfeZU08RzyPWsLUcnBpLZAgtfw8eQA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_push=ARnp8GArLeyuJ3GgAkS9Ig7B-x3XuZECrlUJ37y4uCcqQDve1i4UBUEhIKBeyM6BFY-jmjbilfeZU08RzyPWsLUcnBpLZAgtfw8eQA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GArLeyuJ3GgAkS9Ig7B-x3XuZECrlUJ37y4uCcqQDve1i4UBUEhIKBeyM6BFY-jmjbilfeZU08RzyPWsLUcnBpLZAgtfw8eQA

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDZfb9A4UB2JIWD7OB3eAH0&google_cver=1&google_push=ARnp8GAszxbYuyIS7AoiT4Xj8m1Voe_Wh_4KBp4bdYFcfeY25QF7fqoVDwRqpTrN3QFIrFzosZV3ueccBnWFZSVXmoQxV_xpVdGG HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAszxbYuyIS7AoiT4Xj8m1Voe_Wh_4KBp4bdYFcfeY25QF7fqoVDwRqpTrN3QFIrFzosZV3ueccBnWFZSVXmoQxV_xpVdGG&google_hm=yYW1BFPGbJJ_OsA-UsjksQ

Request Chain 118

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDMqHBJy8xa6THOp96O4T6k&google_push=ARnp8GAZu_-RLet0WmJEiRJV5Yl1EsG3N57vNfLAMvne0T16dtI3YvMxkBVSzfUFzq6cSriZqNexagQcUraKiXeEt5p6lzkLWbN8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GAZu_-RLet0WmJEiRJV5Yl1EsG3N57vNfLAMvne0T16dtI3YvMxkBVSzfUFzq6cSriZqNexagQcUraKiXeEt5p6lzkLWbN8&google_hm=MTA4MTc4NTc0MTIzOTYxOTM2MzE

Request Chain 119

https://rtb.openx.net/sync/dds?google_gid=CAESEBxor5QAxeibrAyzJWloOzo&google_cver=1&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEBxor5QAxeibrAyzJWloOzo&google_cver=1&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ&google_hm=zkOc7fpBxiA5nW4wIlppqA==

Request Chain 121

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNRsiydToUQ5fV48XGlwtY&google_cver=1&google_push=ARnp8GBr5vPVBnoBascrkK3NPqypHeUPY4r_EL4rfwXubCDuIslaqmAp3Q0O3uBEcyFrpIkm6mLmln14Jwn4O-f90cNKypFzPAIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkwtMUstMjI3TQ==&google_push=ARnp8GBr5vPVBnoBascrkK3NPqypHeUPY4r_EL4rfwXubCDuIslaqmAp3Q0O3uBEcyFrpIkm6mLmln14Jwn4O-f90cNKypFzPAIo

Request Chain 122

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_cver=1&google_push=ARnp8GBwbkdXqAgj6NmktPa9y6u6h7k-D0MZ6BkPpOldXIokSpxoqUcEPY7241zkN4JgrCRm3gKW2X8ifJRcwohyWMaIxFv97skg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_push=ARnp8GBwbkdXqAgj6NmktPa9y6u6h7k-D0MZ6BkPpOldXIokSpxoqUcEPY7241zkN4JgrCRm3gKW2X8ifJRcwohyWMaIxFv97skg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GBwbkdXqAgj6NmktPa9y6u6h7k-D0MZ6BkPpOldXIokSpxoqUcEPY7241zkN4JgrCRm3gKW2X8ifJRcwohyWMaIxFv97skg

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECtnolkKgC5QyH4pMh9qt_c&google_cver=1&google_push=ARnp8GA4VcLwbeT4VCXpqlc6sC7LyWwsCstz3chgUmJtkIc8JngfC3cjTawHiCmNfTvbPwl4VzbqnY96uwnJnyu9HmDW9-iEkw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GA4VcLwbeT4VCXpqlc6sC7LyWwsCstz3chgUmJtkIc8JngfC3cjTawHiCmNfTvbPwl4VzbqnY96uwnJnyu9HmDW9-iEkw&google_hm=fToMq-YoFP2GLVBJsr8Pcw

Request Chain 126

https://d.agkn.com/pixel/2175/?google_gid=CAESEBhp55gZaDHLRHVYMJQXuV8&google_cver=1&google_push=ARnp8GAhxB22ycz_vSM8y5byZGXh9a0DMBJ4GTlc2JOadr-8x2jlKPv-OpxjolRQXGGxBt_SfDzNtteuGACChoz3OBLfq0Jlg1U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAhxB22ycz_vSM8y5byZGXh9a0DMBJ4GTlc2JOadr-8x2jlKPv-OpxjolRQXGGxBt_SfDzNtteuGACChoz3OBLfq0Jlg1U&google_hm=Q0FFU0VCaHA1NWdaYURITFJIVllNSlFYdVY4

Request Chain 127

https://rtb.openx.net/sync/dds?google_gid=CAESEG1HCeJr3BRI36BRhZ2_r_8&google_cver=1&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEG1HCeJr3BRI36BRhZ2_r_8&google_cver=1&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw&google_hm=zkOc7fpBxiA5nW4wIlppqA==

Request Chain 129

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKvO1TrKeb871orElN4DkUw&google_cver=1&google_push=ARnp8GAMno46_hQZezroJFl9g4105AruNK6h2GnKvDrweJGZ4YoSj8CjqwdlJipYCsRPeOaFa1dpux962TdZGRoSw1fZ6bGm2i0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkstWC05SFMx&google_push=ARnp8GAMno46_hQZezroJFl9g4105AruNK6h2GnKvDrweJGZ4YoSj8CjqwdlJipYCsRPeOaFa1dpux962TdZGRoSw1fZ6bGm2i0

Request Chain 130

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_cver=1&google_push=ARnp8GCgrHKT8ztxg9BII9zFh1aeaTdVqvl5QLoryA06gSp8vztleHxBNY4CgyCL2o8LaeRS53UsDazknc2H56tasWkwqPk8QQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_push=ARnp8GCgrHKT8ztxg9BII9zFh1aeaTdVqvl5QLoryA06gSp8vztleHxBNY4CgyCL2o8LaeRS53UsDazknc2H56tasWkwqPk8QQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GCgrHKT8ztxg9BII9zFh1aeaTdVqvl5QLoryA06gSp8vztleHxBNY4CgyCL2o8LaeRS53UsDazknc2H56tasWkwqPk8QQ

Request Chain 135

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 152

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

156 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.virten.net/
Redirect Chain

http://www.virten.net/
https://www.virten.net/

105 KB
21 KB

540ms
481ms

Document
text/html

2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9dfa9e7e852d4c2ba8089fa66dcef473af1a75cef8575062372e4dd4319fd31f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Jul 2022 14:05:30 GMT
Link: <https://www.virten.net/wp-json/>; rel="https://api.w.org/" <https://wp.me/2tAfJ>; rel=shortlink
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 185
Content-Type: text/html
Date: Mon, 04 Jul 2022 14:05:29 GMT
Location: https://www.virten.net/
Server: nginx/1.14.2

GET
H/1.1 200
OK a5ff7.css
www.virten.net/wp-content/cache/minify/ 81 KB
11 KB 347ms
346ms Stylesheet
text/css 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/wp-content/cache/minify/a5ff7.css
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: fa1629f63574b87e0242e3d19358ff0789e714902b186adf1723a9dcb802548a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: public
Date: Mon, 04 Jul 2022 14:05:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Apr 2022 09:04:05 GMT
Server: nginx
ETag: "pub1651223045;gz"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 11079
Expires: Tue, 04 Jul 2023 14:05:30 GMT

GET
H/1.1 200
OK a7b14.css
www.virten.net/wp-content/cache/minify/ 54 KB
9 KB 523ms
470ms Stylesheet
text/css 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/wp-content/cache/minify/a7b14.css
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7de8c28163a7846b06a45f2ac3617a400d4c4742320c543d12e9fb2f14b10bc6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: public
Date: Mon, 04 Jul 2022 14:05:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 May 2022 11:20:31 GMT
Server: nginx
ETag: "pub1653909631;gz"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 8398
Expires: Tue, 04 Jul 2023 14:05:30 GMT

GET
H/1.1 200
OK 95e84.css
www.virten.net/wp-content/cache/minify/ 74 KB
13 KB 518ms
464ms Stylesheet
text/css 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/wp-content/cache/minify/95e84.css
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 114811887baca35be2e5b637d553116f3ebed7e95eb7ed4b486b44619ec78997

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: public
Date: Mon, 04 Jul 2022 14:05:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 May 2022 06:44:22 GMT
Server: nginx
ETag: "pub1652856262;gz"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 13107
Expires: Tue, 04 Jul 2023 14:05:30 GMT

GET
H/1.1 200
OK 30136.css
www.virten.net/wp-content/cache/minify/ 93 KB
19 KB 340ms
287ms Stylesheet
text/css 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/wp-content/cache/minify/30136.css
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 204d068a2415941f6bd09b49445343b989f233ec3d7bf265bc0c71ae50b983e2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: public
Date: Mon, 04 Jul 2022 14:05:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 May 2022 11:20:26 GMT
Server: nginx
ETag: "pub1653909626;gz"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 18922
Expires: Tue, 04 Jul 2023 14:05:30 GMT

GET
H/1.1 200
OK 818c0.js Show response
www.virten.net/wp-content/cache/minify/ 98 KB
34 KB 312ms
311ms Script
application/x-javascript 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/wp-content/cache/minify/818c0.js
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: dd42fb9a377214fa9741a7db7502eff7b1b14ef6a186ddda0602877ee3390ac4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: public
Date: Mon, 04 Jul 2022 14:05:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Aug 2021 15:09:45 GMT
Server: nginx
ETag: "pub1629212985;gz"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 34199
Expires: Tue, 04 Jul 2023 14:05:31 GMT

GET
H/1.1 200
OK a6c57.js Show response
www.virten.net/wp-content/cache/minify/ 27 KB
7 KB 510ms
509ms Script
application/x-javascript 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/wp-content/cache/minify/a6c57.js
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 74a3cb03a59beecff186a92d23f4a70d57f0531d3e7466f1818b8859022dcb91

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: public
Date: Mon, 04 Jul 2022 14:05:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 May 2022 06:44:22 GMT
Server: nginx
ETag: "pub1652856262;gz"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 6660
Expires: Tue, 04 Jul 2023 14:05:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 119ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31382866-1

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ce1bf8332fde79de063b399ce65c874af272236e739bf3ed3ce472e18b37418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40360
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 14:05:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 174ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aed273578fc1b4baf1d411116022d1730bc6725b5a878b33b2e576323bf97ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56370
x-xss-protection: 0
server: cafe
etag: 306451104106726332
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 14:05:31 GMT

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 66 KB
18 KB 1033ms
38ms Script
application/javascript 108.161.189.78
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.189.78 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0114ab589ce42ed402ce67254aa06f725f6b53e4a04d2f79b4b01fc92501dcf1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Jun 2022 18:18:52 GMT
Server: NetDNA-cache/2.2
x-amz-meta-s3cmd-attrs: atime:1654280297/ctime:1654280295/gid:1000/gname:nathan/md5:4896c8077f50520418d4d1ab293b6545/mode:33204/mtime:1654280295/uid:1000/uname:nathan
x-amz-request-id: MBW9626BES7QZTXQ
ETag: W/"4896c8077f50520418d4d1ab293b6545"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: TenHRdGHmLcU/MjzBuELYTR9Wbg3RIGfeTviCpdlI6kS7L2rnjWTLiTMPyda7S3shT5jq8fOKWY=
Expires: Tue, 05 Jul 2022 14:05:31 GMT

GET
H/1.1 200
OK vmware-event-broker-powercli-deployment.png
www.virten.net/wp-content/uploads/2021/12/ 90 KB
91 KB 53ms
52ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2021/12/vmware-event-broker-powercli-deployment.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 72f9a4238b06375bb33bf9f012f4c7b7f2b906e5dbbc659de34321cdfe6aa700

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Sun, 05 Dec 2021 12:22:39 GMT
Server: nginx
ETag: "61acaf0f-1692a"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92458
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK twitter.png
www.virten.net/wp-content/plugins/social-media-widget/images/default/32/ 877 B
1 KB 29ms
26ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/plugins/social-media-widget/images/default/32/twitter.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0e2160fefe0b02729a87a03ef7f21fe2003b7054a7bbb5c11011c11a51a4156f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Tue, 07 Feb 2017 18:30:34 GMT
Server: nginx
ETag: "589a124a-36d"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 877
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK rss.png
www.virten.net/wp-content/plugins/social-media-widget/images/default/32/ 2 KB
2 KB 31ms
29ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/plugins/social-media-widget/images/default/32/rss.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: e9e999fe97c5e10e60b9529047d90f4e5be1129be09b8623928ec75d2d742015

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Tue, 07 Feb 2017 18:30:34 GMT
Server: nginx
ETag: "589a124a-6d2"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1746
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK linkedin.png
www.virten.net/wp-content/plugins/social-media-widget/images/default/32/ 2 KB
2 KB 66ms
34ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/plugins/social-media-widget/images/default/32/linkedin.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 133093dc3d145a5828d7011c5344ca59f9c0d7d28e235f0c50ab80491afadb30

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Tue, 07 Feb 2017 18:30:34 GMT
Server: nginx
ETag: "589a124a-62c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1580
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 onejs Show response
z-na.amazon-adsystem.com/widgets/ 22 KB
8 KB 478ms
54ms Script
application/javascript 18.64.99.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=2f810f65-9d7e-4f35-9cc7-42b099b49811
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.99.206 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-99-206.txl50.r.cloudfront.net
Software: Server /
Resource Hash: f24431ccff99d993b541e5a958667d27f05612cfe43a91ad970f0157859e23a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: Public
date: Mon, 04 Jul 2022 14:04:13 GMT
content-encoding: gzip
server: Server
age: 79
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
charset: UTF-8
cache-control: public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop: TXL50-P3
content-length: 7394
via: 1.1 bdb48db5b688ca8c8dee7661b221599a.cloudfront.net (CloudFront)
x-amz-cf-id: ZEKNL9EKORS-_v0hEmdbivipRma04B1HA4k34ryCFnGLFCIOl-mlFw==
expires: Mon, 04 Jul 2022 14:09:13 GMT

GET
H/1.1 200
OK 26e00.js Show response
www.virten.net/wp-content/cache/minify/ 7 KB
3 KB 994ms
918ms Script
application/x-javascript 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.virten.net/wp-content/cache/minify/26e00.js
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: f12b68a05e8e6b512a015cd173135a092529e9e42433c3af2eec3b39fa841675

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: public
Date: Mon, 04 Jul 2022 14:05:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Apr 2022 09:03:23 GMT
Server: nginx
ETag: "pub1651223003;gz"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000, public
Connection: keep-alive
Content-Length: 2505
Expires: Tue, 04 Jul 2023 14:05:31 GMT

GET
H2 200 e-202227.js Show response
stats.wp.com/ 9 KB
3 KB 96ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202227.js
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc: HIT cdg
date: Mon, 04 Jul 2022 14:05:31 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 26 Jun 2023 08:15:22 GMT

GET
H/1.1 200
OK head_sw.jpg
www.virten.net/wp-content/uploads/2012/05/ 4 KB
5 KB 41ms
33ms Image
image/jpeg 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2012/05/head_sw.jpg
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: e9f93b628e22c5bf1e2622c8b25c8bba3d09c32d738e9b5ce1790b242e5e96be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Mon, 07 May 2012 22:21:56 GMT
Server: nginx
ETag: "4fa84b04-1186"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4486
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK virten-logo-transparent.png
www.virten.net/wp-content/uploads/2021/02/ 828 B
1 KB 72ms
27ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2021/02/virten-logo-transparent.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6b309c4509069ece27817f6958ebdaea1c0a3373d931910b0712e55b32162b94

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Sun, 28 Nov 2021 13:14:01 GMT
Server: nginx
ETag: "61a38099-33c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 828
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CVSIL5V.json Show response
srv.buysellads.com/ads/ 7 KB
1 KB 104ms
22ms XHR
application/json 161.35.94.188
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CVSIL5V.json?segment=selfserve
Requested by: Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: e7f750548f2ee2c68dc6d192ac7285f8c4a01113179481b19b98a3789aaeaddd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 14:05:31 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 970
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
368 B 642ms
266ms Image
image/gif 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=2.083126675880407
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:32 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: VRDDK7243C6J89YS
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: +/4TNZZLWElEraGwqbic8/W9gl3ZE+gEFg7ovcFDegwRSzYuGC9hp5tJw7f3DvxqYPlF3JDPqUI=
expires: Thu, 29 Jun 2023 14:05:32 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
370 B 614ms
267ms Image
image/gif 94.31.29.32
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=2.083126675880407
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:32 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: VRDCPYX3K5FD7E3D
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: OP+GBU5OxDtJblEQ9PYQncxCJnqnCvs7DqXOqz3YvT9Wq+KvHzXFDP3cFBrqiMaskLPjGJiad9E=
expires: Thu, 29 Jun 2023 14:05:32 GMT

GET
H/1.1 200
OK esxi-kickstart-installation.png
www.virten.net/wp-content/uploads/2021/11/ 5 KB
6 KB 74ms
73ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2021/11/esxi-kickstart-installation.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: c355bcdac9317b32556a02f04f717cb06c5addca9633f6b96632f8ca63fcac80

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Sun, 28 Nov 2021 11:25:58 GMT
Server: nginx
ETag: "61a36746-14de"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5342
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK error-getting-data-for-filesystem-on.png
www.virten.net/wp-content/uploads/2021/11/ 22 KB
22 KB 53ms
53ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2021/11/error-getting-data-for-filesystem-on.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: ef82c49016a2e9e585bb789725cbc93765551914c346a9d2d1febf95dbbfa879

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Sun, 28 Nov 2021 11:26:23 GMT
Server: nginx
ETag: "61a3675f-57a8"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22440
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vcd-api-explorer-not-available.png
www.virten.net/wp-content/uploads/2021/11/ 11 KB
11 KB 29ms
29ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2021/11/vcd-api-explorer-not-available.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3e4834e7a6f05abade2399ac445c4aaddc3d6e3136be004a8489d592c7fde045

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Mon, 22 Nov 2021 19:40:27 GMT
Server: nginx
ETag: "619bf22b-2bb9"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11193
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vcd-api-explorer-403-forbidden.png
www.virten.net/wp-content/uploads/2021/11/ 7 KB
8 KB 32ms
32ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2021/11/vcd-api-explorer-403-forbidden.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9670e2e16600ef29f4d5342f6005c9eb04888dc2b5768dfaa689338bae5ed797

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Sun, 28 Nov 2021 11:26:35 GMT
Server: nginx
ETag: "61a3676b-1dd1"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7633
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK kubernetes-with-tkgm-cloud-director-300x248.png
www.virten.net/wp-content/uploads/2021/11/ 8 KB
8 KB 34ms
34ms Image
image/png 2a01:488:66:1000:b24d:4dbe:0:1
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.virten.net/wp-content/uploads/2021/11/kubernetes-with-tkgm-cloud-director-300x248.png
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:488:66:1000:b24d:4dbe:0:1 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3e3a45c6044f690734ebf04a7da38caabc1dc894b1bd99fb7d57d6c062851bf3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:31 GMT
Last-Modified: Wed, 17 Nov 2021 21:05:58 GMT
Server: nginx
ETag: "61956eb6-1e27"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7719
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 25ms
19ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.9.1&blog=36603543&post=0&tz=2&srv=www.virten.net&host=www.virten.net&ref=&fcp=1779&rand=0.1340393199459169
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 14:05:31 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 339 KB
120 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9765669778980727&plah=www.virten.net&bust=31068288

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

134d4a412e3e24b152b00758a9de2dc91647109fc9a31425c77310ba5a82334d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122223
x-xss-protection: 0
server: cafe
etag: 4130314807411229753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 14:05:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame F5B5 10 KB
5 KB 128ms
26ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 76665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 16:47:47 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 16:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 111ms
26ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31382866-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3643
date: Mon, 04 Jul 2022 13:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 15:04:49 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 154ms
34ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.virten.net&callback=_gfp_s_&client=ca-pub-9765669778980727

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9765669778980727&plah=www.virten.net&bust=31068288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2d14ccfba51920109516d72d1e75967978caed24908896b0d500cc8f3099bf86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 149ms
36ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.virten.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 136ms
37ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.virten.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 295C 0
19 B 135ms
81ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&adk=3105533540&adf=2621220088&lmt=1656943532&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.virten.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531943&bpp=5&bdt=1338&idt=164&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6486803413057&frm=20&pv=2&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=238

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:32 GMT
expires: Mon, 04 Jul 2022 14:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0C3 66 KB
27 KB 321ms
320ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3002269269&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531948&bpp=3&bdt=1343&idt=290&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jg98pLIVQS&p=https%3A//www.virten.net&dtd=297

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7458c2c8b9b7730e698723d29c84719ae5bb653cf58242df850cdce3bfd88f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27484
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:32 GMT
expires: Mon, 04 Jul 2022 14:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81D2 71 KB
29 KB 330ms
319ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

294e1ad96498dc7ea167b9d42d022d3b85b3f3000e14cebb05828bfcaa70a260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29929
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:33 GMT
expires: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 96ms
34ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1965092035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.virten.net%2F&ul=en-us&de=UTF-8&dt=virten.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=465615792&gjid=1278844271&cid=1269352263.1656943532&tid=UA-31382866-1&_gid=1814695320.1656943532&_r=1&gtm=2ou6t0&z=2100444899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.virten.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.virten.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A977 31 KB
12 KB 332ms
323ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e5ca8887ef77835f79c3f1ab69ec936a53c2e7c09a6966259d4390345fc617f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:33 GMT
expires: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CB6 82 KB
31 KB 333ms
325ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

761656b2576cc46219807fb3a38ec6f5eb20dffba52e53bd84e232eb0ff0bde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32096
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:33 GMT
expires: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 108ms
41ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.virten.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 108ms
41ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.virten.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 14:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FE7 82 KB
31 KB 352ms
345ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebf79bf0ceec2ea0e5245a52606e912a80fe2cc23853615d7d3ecb8772ee8fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31876
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:33 GMT
expires: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 166ms
27ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31382866-1&cid=1269352263.1656943532&jid=465615792&gjid=1278844271&_gid=1814695320.1656943532&_u=YAhAAUAAAAAAAC~&z=190822585

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.virten.net/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Jul 2022 14:05:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.virten.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13603801045840307722
tpc.googlesyndication.com/daca_images/simgad/ Frame B0C3 119 KB
119 KB 178ms
50ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13603801045840307722

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3002269269&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531948&bpp=3&bdt=1343&idt=290&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jg98pLIVQS&p=https%3A//www.virten.net&dtd=297

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2db3d71488b26c8b00f7b8a15320224e46fb3bd5d32896c381f7dd45247bdd74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 18:59:52 GMT
x-content-type-options: nosniff
age: 155140
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121718
x-xss-protection: 0
last-modified: Sat, 07 May 2022 13:30:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jul 2023 18:59:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame B0C3 21 KB
9 KB 147ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:50:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B0C3 3 KB
1 KB 126ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:02:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0C3 138 KB
43 KB 292ms
153ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 14:05:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B0C3 17 KB
7 KB 123ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:02:06 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B0C3 31 KB
13 KB 129ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:27:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B0C3 0
0 134ms
78ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C33nkrPPCYqPCEYyB1fAPtPOv-A3ZsdeAaryitobuD8CNtwEQASDH2KceYPsBoAHy6_zQA8gBAqgDAcgDyQSqBMYBT9CU1Atbkex8D_vkdYee6_FyW-ggHVNbSBXINXRiSnQuyYg_70_mfnmYwfJZ0TtjfBji4dSidTd9Ti5FBCkrpOdhwb_VGZsewU5lEoXenm3l-GsskrFD2q2XDaXvUUtBdvUUkc1LOH_51aHo9Af93SxtAoZ1eQkppAxpyduPe9SKZWidJIhBpWYYhn8pYiMlHPRBlKTZIJJ0y4jq8IyO4SaH-kNxvoHrXPgz2nwXXJceNSmaJjyrGc3QChYYlzLCx8YF2PPOwATN6fa--gOSBQQIBBgBkgUECAUYBKAGAoAH9pODL6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJPDBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTk3NjU2Njk3Nzg5ODA3MjcYAA&sigh=zsa1xGlDiks&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3002269269&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531948&bpp=3&bdt=1343&idt=290&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jg98pLIVQS&p=https%3A//www.virten.net&dtd=297
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 14:05:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Jul 2022 14:05:32 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F69 143 B
163 B 27ms
25ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3002269269&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531948&bpp=3&bdt=1343&idt=290&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jg98pLIVQS&p=https%3A//www.virten.net&dtd=297
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F69
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

167ms
94ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:33 GMT
expires: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 12504833631148211755
tpc.googlesyndication.com/simgad/ Frame 81D2 106 KB
106 KB 126ms
56ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12504833631148211755

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e41d593e489b2faf99cd2d6a1a05725c19860e05cf58543a9db1f14fdd5595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 07:53:49 GMT
x-content-type-options: nosniff
age: 195104
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108265
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:12:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jul 2023 07:53:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 81D2 21 KB
8 KB 124ms
56ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:50:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 81D2 3 KB
1 KB 287ms
242ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:03:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81D2 138 KB
42 KB 284ms
195ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 14:05:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 81D2 17 KB
7 KB 224ms
180ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:02:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 81D2 0
0 41ms
38ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSc0pPWIksx4TQxS_3f775No-RRZ71fTW_jYrSYao2xQpIE92BFlPszqOexZiIUOt9psU0Rzkc4gl8tvHtW_5CGzEqfDg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 81D2 31 KB
13 KB 284ms
241ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:27:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 81D2 0
0 99ms
96ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv0A2rPPCYvCbNNfV1fAP-5-C8A2er77_asOu0rGhEJaCzYWIFhABIMfYpx5g-wGgAb_L5oUCyAEDqAMByAPJBKoE3AFP0N5JKfvq9Gi7zoSlNbUqe2cb2m1wD9X7o3Ev7l1DC_BWEGX5QaMUOGaP9TUjwc-LsAs-Kgm_rHkUTaI0xInqcls8O-aaV5picpkWGXGDw3kWEHE19-iyn2i4vTPH46Rf0XsGkSHLKyNY2kWHOkH5WHYBK0BLZwqEvHtiehqnZqMPqIaNPVQhJpjv5u-S6wpYr-rJeq_2m51UBuqmXz2HQOVgSM1fbpCrtFunTk9wBcOOriVki9GFyr_rXrmOiILVVquaQ5gUCwUrRg6Hdy4Bqa44ceyLY3KANKP3wATm3ZbO9QOSBQQIBBgBkgUECAUYBKAGA4AH_7yBswKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCkZNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTk3NjU2Njk3Nzg5ODA3MjcYAA&sigh=NofHFy39pus&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 12238003990450620873
tpc.googlesyndication.com/daca_images/simgad/ Frame 8CB6 78 KB
78 KB 259ms
251ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12238003990450620873

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6677c0bfc890595dbdba94c304430ea216fd99f6e8751e8996e1c32cd7d6c535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 10:47:04 GMT
x-content-type-options: nosniff
age: 184709
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79894
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 08:49:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 02 Jul 2023 10:47:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 8CB6 21 KB
8 KB 61ms
54ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:50:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8CB6 3 KB
1 KB 199ms
110ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:03:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CB6 138 KB
42 KB 329ms
241ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 14:05:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8CB6 17 KB
7 KB 157ms
68ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:02:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8CB6 0
0 142ms
53ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuwMfVP4J7fjHpdH93-8IGfCIAPK7JEgBWFhaWKPZ_M6mSUhwTnyQEL9UvAHN4ROdACHDS8rSUf0tHdI3mP4UXqkjSiw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8CB6 31 KB
13 KB 201ms
112ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:27:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B1B9 0
0 141ms
140ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1yBirPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoEwwFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5QuILgUSJ2PJtI5EoKlelhVpqyUr5phYT5NBo8q_evIUdb9moyMgyABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3NjU2Njk3Nzg5ODA3MjcYAA&sigh=-6L04NyemK8&uach_m=[UACH]&cid=CAQSKQCNIrLMHmnBvSBKR8wIHFTSGI8X2X_v0R2n99C7H4XddawGYEAfbDVMGAE

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B1B9 0
0 266ms
9ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hyxstmdxe54wpn4jfzeeqcf1gsxvh429874d6f5dv1gcaxdvhxjwyzg3t16td9av4w6d1f3sax4ty1rxtr63agkydczr0mys32e4v703pxw1r1nbm1rd9419jppg2k4tnzfqwnsay0deqg9xete8zswzbeyv136ar0bpwa691gp178x4vrcb9ekqsznh21gdq37r90a52b0mfdmfm4sy17majtr8p10brzswec5xxz6xfsvek41pjx18xr8m1v91rk9m83tcxd9mttrsb15acsm54pmdtbqsr180yg6sd8tngamj9qfc6yd00yb059hgtmkbb73pthyxe0835h427q91mtm0jmdnsv6b31k2zc9tqkpj9carvgvtqhph0jswwts1fyc1jcvwm0gzxns46s5jz47e&b=YsLzrAANCBMIFUHGAAGCmrFiP7M1rFADdZDiwA
Requested by: Host: www.virten.net
URL: https://www.virten.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1479 2 KB
3 KB 326ms
72ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hettabr9vch7pwk6cn9kd9ee46nqahq875fzf71mkrsa7mqrtkp7fk7ha052bmpxr7r28swyn7hcg2f0m12k54d0e6nbcj9wzqfajrdfr2gpd8cm9vt13tq7t54gyx8mfz7gmx58w154hd1gs1h7en7yqccfbgj57hj0ead6mby7n8zv2fc7wdrkewf53ra57njp3nm82vxfq2y7ejc77tk4wbm3y981bn1zp8j4dedbrkfsft23y029w2vsm7qsxhqq8nckzcsnn594tcd0h8hcfn14z05qy30hpz53jsf0z4yphejzpeev31hkh81gp14vnnsm4vrnzk7rc8jmma8p8wqndbaj1b7q5b3fy10zdwnacf3m9v84fbmc5pvtybvdgw8nd07ztfh8ft6cds3z0810xdawgw3s02gxza0jzk3gad8phpz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%26client%3Dca-pub-9765669778980727%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a494e031be731069951258b160aa3ecacf9bda06d0befc15e8273ccfd825450

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72586a9c38d33aab-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B1B9 3 KB
1 KB 242ms
242ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:03:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3FF5 1 KB
749 B 136ms
94ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B1B9 138 KB
42 KB 336ms
294ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 14:05:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame B1B9 17 KB
7 KB 229ms
187ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:02:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B1B9 0
0 273ms
56ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5M6d_1AXueCXGrhP3t7uzD_64ZKHwTT03aRIixdtMhLyAOOHO_YI7qgWc4735ZqfXJGlspTCZvA4SKc57BcjCC_e1TA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 875170824947451276
tpc.googlesyndication.com/daca_images/simgad/ Frame 8FE7 70 KB
70 KB 213ms
171ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/875170824947451276

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd4ad4b3c39ddb5da8ec491b4cb41b2bc2244ee268a560b0bbc99c85379954ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 11:44:38 GMT
x-content-type-options: nosniff
age: 94855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72055
x-xss-protection: 0
last-modified: Sun, 27 Feb 2022 10:40:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 03 Jul 2023 11:44:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 8FE7 21 KB
8 KB 202ms
161ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 13:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 13:50:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8FE7 3 KB
1 KB 180ms
125ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:03:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8FE7 17 KB
7 KB 145ms
90ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 14:02:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8FE7 0
0 100ms
46ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9ASwyOTEHTIfJ6_h7i2aeXn-IVLRVrunREZVvoscotpJEPUKSQ-ZlDtSeeOwL5ogeLzAuXynS46gfeRVmkq0icQPdmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FE7 138 KB
42 KB 476ms
421ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 14:05:33 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 8FE7 31 KB
13 KB 181ms
118ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20277
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 08:27:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8CB6 0
0 208ms
121ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaOkZrPPCYvueNOTNxgPrrJP4DZ6vvv9q_sjc1fUPloLNhYgWEAEgx9inHmD7AaABv8vmhQLIAQKoAwHIA8kEqgTWAU_QsAaMtaqGQrxFDwIds3OVmkNIF2SwDF2BebObXLpfWJkdSJmycuX2Pt2w8cvW_ggeOqJPnO3KgLQ4-skbqM0DXr8cHRF7l9nQC_givmgVAs92ym28Ngr-g_UskYNesIN0L7vp0roDrcvPUS-d6Oe7r9C686l5Xm0WkiVSIsda0TKF0yxuEDrAEFmWZ4DUSu9-j1hov4hZXbL_BXG9WKmdb3rDgW8GEiN4a-g4Y3x2oO-7Nodmhm-Ugrl6wCgQ-ROPFKU0rZ_lYKr-dWrCje-2km3nbijABObdls71A5IFBAgEGAGSBQQIBRgEoAYCgAf_vIGzAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEIZX0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItOTc2NTY2OTc3ODk4MDcyNxgA&sigh=YRKvAXYAybs&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FE7 0
0 142ms
97ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkFr6rPPCYsybNO-B1fAPyaSGyAHJlPD_arrY4PiUEMvyuue9KhABIMfYpx5g-wGgAb_L5oUCyAECqAMByAPJBKoE2QFP0HOXETxmv8P-05xlBFm3OgjvVAjsgr3b25WWYD2XbrrsVCjLYVXNhci6ltcW_NOkAnIdfiSAgJ3Mzgm90yy0twgsZAKjm2u3cerrqHDvKRKLwmRiKY7rBhTf39dVdVQDvVT098tG2YYEEz6JB8V0Z1C5o9GN7-TMXwN5vziRqPsqi1BcilUaCNTHq_tp36fUYsIdHeHMeWQ4rYpC3gXXumTdGbZsIB3h1iiThZu79tJZ3VqwIeKXQHoZ4VTZAI4Gj7PFTuDAz86CsfnTpxLtzY9QyzXC9KALwASMj6-7_wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH_7yBswKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCcU9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTk3NjU2Njk3Nzg5ODA3MjcYAA&sigh=AkQ4tLNmybc&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 14:05:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B0C3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93cde47b819c982f7e47331aec9352ac585c9beadd203d01cea4109582d7cc9d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3C40 143 B
163 B 72ms
41ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 06AF 1 KB
749 B 70ms
35ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F8ED 143 B
163 B 85ms
62ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B87D 1 KB
749 B 88ms
69ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 81D2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcfbd1f2d99329dd6f22c3fed6225cc36497907dabebcc96c3094adefbe49615

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 1479 84 KB
11 KB 135ms
59ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hettabr9vch7pwk6cn9kd9ee46nqahq875fzf71mkrsa7mqrtkp7fk7ha052bmpxr7r28swyn7hcg2f0m12k54d0e6nbcj9wzqfajrdfr2gpd8cm9vt13tq7t54gyx8mfz7gmx58w154hd1gs1h7en7yqccfbgj57hj0ead6mby7n8zv2fc7wdrkewf53ra57njp3nm82vxfq2y7ejc77tk4wbm3y981bn1zp8j4dedbrkfsft23y029w2vsm7qsxhqq8nckzcsnn594tcd0h8hcfn14z05qy30hpz53jsf0z4yphejzpeev31hkh81gp14vnnsm4vrnzk7rc8jmma8p8wqndbaj1b7q5b3fy10zdwnacf3m9v84fbmc5pvtybvdgw8nd07ztfh8ft6cds3z0810xdawgw3s02gxza0jzk3gad8phpz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%26client%3Dca-pub-9765669778980727%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hettabr9vch7pwk6cn9kd9ee46nqahq875fzf71mkrsa7mqrtkp7fk7ha052bmpxr7r28swyn7hcg2f0m12k54d0e6nbcj9wzqfajrdfr2gpd8cm9vt13tq7t54gyx8mfz7gmx58w154hd1gs1h7en7yqccfbgj57hj0ead6mby7n8zv2fc7wdrkewf53ra57njp3nm82vxfq2y7ejc77tk4wbm3y981bn1zp8j4dedbrkfsft23y029w2vsm7qsxhqq8nckzcsnn594tcd0h8hcfn14z05qy30hpz53jsf0z4yphejzpeev31hkh81gp14vnnsm4vrnzk7rc8jmma8p8wqndbaj1b7q5b3fy10zdwnacf3m9v84fbmc5pvtybvdgw8nd07ztfh8ft6cds3z0810xdawgw3s02gxza0jzk3gad8phpz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%26client%3Dca-pub-9765669778980727%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 875270
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86749
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 24 Jun 2022 10:57:43 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 72586a9dfbe3cd83-CDG
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1479 35 KB
13 KB 178ms
45ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hettabr9vch7pwk6cn9kd9ee46nqahq875fzf71mkrsa7mqrtkp7fk7ha052bmpxr7r28swyn7hcg2f0m12k54d0e6nbcj9wzqfajrdfr2gpd8cm9vt13tq7t54gyx8mfz7gmx58w154hd1gs1h7en7yqccfbgj57hj0ead6mby7n8zv2fc7wdrkewf53ra57njp3nm82vxfq2y7ejc77tk4wbm3y981bn1zp8j4dedbrkfsft23y029w2vsm7qsxhqq8nckzcsnn594tcd0h8hcfn14z05qy30hpz53jsf0z4yphejzpeev31hkh81gp14vnnsm4vrnzk7rc8jmma8p8wqndbaj1b7q5b3fy10zdwnacf3m9v84fbmc5pvtybvdgw8nd07ztfh8ft6cds3z0810xdawgw3s02gxza0jzk3gad8phpz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%26client%3Dca-pub-9765669778980727%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93749ef65d8d50ddb26ea6ed303f2bf6bbec7a41f8873529c28c8bd2b0967439

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=2DsxMw==, md5=6/HqT8v8e8x2SVx+ED4yYQ==
date: Mon, 04 Jul 2022 14:05:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6538
x-guploader-uploadid: ADPycdsIuWTwxPiAn_1n00CpMzMlmL8AA8ROZi44do7hArPqWv8O8ZDbKGRqDyeTy5IOrKMcwI6SX6MNZXB-xC61ZWvcbGNXtF5H
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Jun 2022 12:15:56 GMT
server: cloudflare
etag: W/"ebf1ea4fcbfc7bcc76495c7e103e3261"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5ylOToyf9ksDtIlTsurKa%2FoHDQCEpXqkEATG6TWU3gqbn0BpWbWVVxV5lXCY9v1eY5DgRe%2BAdPNOTu%2BO7aPtjzPq%2FboH%2Fh3UTIXPv7CCuzfArYZN5XBvo%2FRDH0qoaFEeF0vurE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1654863355945940
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11859
cf-ray: 72586a9e4ccb3aab-CDG
expires: Mon, 04 Jul 2022 12:16:35 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3FF5 35 B
463 B 160ms
5ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDYUs2HZBYvImoJOV0u8wP4&google_cver=1&google_push=ARnp8GCaVkOs6Xp7abUtVw3VKvULpoYvkBW7CcMLcn9hNYtPfjs6jBiqdc4OG1NJtL8HbG4QJS2FkMmSZZkGyHhweAKNilDpfWsY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3FF5
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GCsNc0dscL3wKq0RwbpL7bo-nFsJo_MmJfYjWa...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFCRzdjWW5sZA&google_push=ARnp8GCsNc0dscL3wKq0RwbpL7bo-nFsJo_MmJfYjWaIRVcIq5fpgCLe1aUTx1eYlgsC2x1vW9URUgbZ_fysM2V-fTkkts2poN_q

170 B
188 B

102ms
85ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFCRzdjWW5sZA&google_push=ARnp8GCsNc0dscL3wKq0RwbpL7bo-nFsJo_MmJfYjWaIRVcIq5fpgCLe1aUTx1eYlgsC2x1vW9URUgbZ_fysM2V-fTkkts2poN_q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFCRzdjWW5sZA&google_push=ARnp8GCsNc0dscL3wKq0RwbpL7bo-nFsJo_MmJfYjWaIRVcIq5fpgCLe1aUTx1eYlgsC2x1vW9URUgbZ_fysM2V-fTkkts2poN_q
Date: Mon, 04 Jul 2022 14:05:34 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3FF5
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GDDjloTBBS8UOZ1n-1RSLvD9QMz3lnmEqebT-6W_Tjd1NOATw6-5SauSofDAwan6U1Z7eae-YzRkNQnWeGY2qMU3QZKivnf&google_gid=CAESEKgTI0AoRD7Xc8bU49bCdh0&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK3ni5YGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUm5wOEdERGpsb1RCQlM4VU9aMW4tMVJTTHZEOVFNejNsbm1FcWViVC02V19UamQxTk9BVHc2LTVTYXVTb2ZEQXdhbjZVMVo3ZWFlLVl6UmtOUW5XZU...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwajluLTJfZEVaX3JucTBDQVV1NU10TU14NEdBYVQ0TzJVWE5nemdRWFBoVQ==&google_push

170 B
188 B

123ms
83ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwajluLTJfZEVaX3JucTBDQVV1NU10TU14NEdBYVQ0TzJVWE5nemdRWFBoVQ==&google_push

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwajluLTJfZEVaX3JucTBDQVV1NU10TU14NEdBYVQ0TzJVWE5nemdRWFBoVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3FF5
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GBTboIs...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GBTboIs...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQxNDA1MzQwMDA4ODg5MTA4ODI0NA%3D%3D&google_push=ARnp8GBTboIsa9UQ2w2U1UFh7N9lGidUps5q3ppHuEsK-p23uNwjubMM2etFdA1Ksb0Z2p...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQxNDA1MzQwMDA4ODg5MTA4ODI0NA%3D%3D&google_push=ARnp8GBTboIsa9UQ2w2U1UFh7N9lGidUps5q3ppHuEsK-p23uNwjubMM2etFdA1Ksb0Z2pdlp5tRNDRQX_uEwBJVyCy6zKvsM1A4

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQxNDA1MzQwMDA4ODg5MTA4ODI0NA%3D%3D&google_push=ARnp8GBTboIsa9UQ2w2U1UFh7N9lGidUps5q3ppHuEsK-p23uNwjubMM2etFdA1Ksb0Z2pdlp5tRNDRQX_uEwBJVyCy6zKvsM1A4
pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 04 Jul 2022 14:05:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3FF5
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMT9gl5w6_cokR8I4EMDw8A&google_push=ARnp8GBhn1zOF-PsXzIy_M7HciXZun3zI6yakyui4QXxAZiwUzLv_PYHn4jGQU_5T_vHCtUAQykE0ucHgKnuyH6B--yqUyi...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GBhn1zOF-PsXzIy_M7HciXZun3zI6yakyui4QXxAZiwUzLv_PYHn4jGQU_5T_vHCtUAQykE0ucHgKnuyH6B--yqUyi2lUx_&google_hm=MTA4MTg1NjEwOTk2Nj...

170 B
188 B

291ms
86ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GBhn1zOF-PsXzIy_M7HciXZun3zI6yakyui4QXxAZiwUzLv_PYHn4jGQU_5T_vHCtUAQykE0ucHgKnuyH6B--yqUyi2lUx_&google_hm=MTA4MTg1NjEwOTk2NjU3MzMwNTU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GBhn1zOF-PsXzIy_M7HciXZun3zI6yakyui4QXxAZiwUzLv_PYHn4jGQU_5T_vHCtUAQykE0ucHgKnuyH6B--yqUyi2lUx_&google_hm=MTA4MTg1NjEwOTk2NjU3MzMwNTU
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3FF5 0
41 B 1199ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGm8UBbVu_52C1-Nk2V1x3I&google_cver=1&google_push=ARnp8GDqVwD8yjh1hXkNKeXQ6lUDEAZfirKH01C87YVrh-CSvdsdXeymFDX-dj7Zo4-Ew4Mt0HHKZBnueUmEP1qvysPlpcGgD3yr
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET googleredir
googlecm.hit.gemius.pl/ Frame 3FF5 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3FF5 0
49 B 218ms
31ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13It7MZbjtIZXma667woeK6rPDApTnD8IBEDvTc8_Gpv257K5YsM5MUdVioD0UNN7mVO60KOWw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=375639347&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1349&idt=374&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ywD5i8wfWi&p=https%3A//www.virten.net&dtd=378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF8B 143 B
163 B 120ms
73ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 3428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 13:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 63AA 1 KB
749 B 115ms
72ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 2361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Tue, 05 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8FE7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4cf9e730496cf8b34fa202aac0264f3167c8430e529072aaebfe6ecb154816d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B1B9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 658a3c167907d425000012427e58b69cf0d9c2a484175a8173dc1cf0f59df105

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FFF 36 KB
14 KB 85ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 08:39:51 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 06AF 35 B
463 B 68ms
26ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOi7VCXy8iQN_RG0caBNt2U&google_cver=1&google_push=ARnp8GBTW-nz5qpHp8wFrK8E0AtA45hHzOisIAN-2fqyjE5lTeUfFm87VgR-eAgHvNmM17XM6jh8qzKdsSvKM6W6jrVeYQaBsHNSdQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06AF
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GA4lKHIn9qA8wa-kBtdjwljgSbTy77eOOZnzF4...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFBRlpqM1hsZQ&google_push=ARnp8GA4lKHIn9qA8wa-kBtdjwljgSbTy77eOOZnzF46IkLU0i84RJLgdwXByQXNxiTaBaIKbunwWKQMv9MXy2UuyWZB6JifZ2...

170 B
188 B

96ms
79ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFBRlpqM1hsZQ&google_push=ARnp8GA4lKHIn9qA8wa-kBtdjwljgSbTy77eOOZnzF46IkLU0i84RJLgdwXByQXNxiTaBaIKbunwWKQMv9MXy2UuyWZB6JifZ27eew

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNMenJnQUFBRlpqM1hsZQ&google_push=ARnp8GA4lKHIn9qA8wa-kBtdjwljgSbTy77eOOZnzF46IkLU0i84RJLgdwXByQXNxiTaBaIKbunwWKQMv9MXy2UuyWZB6JifZ27eew
Date: Mon, 04 Jul 2022 14:05:34 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06AF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEo2lx_jU7hoG1H6vPhwlPY&google_cver=1&google_push=ARnp8GBBaqZ7bMA1USvpMEZdavbwplugSGCvq2W7W7k16mS8s5FPPInD079qvUqf1ZJtp-jCe6O5Qhfq4o3JRPsbeXKLzgj75Ye-
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBBaqZ7bMA1USvpMEZdavbwplugSGCvq2W7W7k16mS8s5FPPInD079qvUqf1ZJtp-jCe6O5Qhfq4o3JRPsbeXKLzgj75Ye-&google_hm=Q0FFU0VFbzJseF9qVTdob...

170 B
188 B

75ms
71ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBBaqZ7bMA1USvpMEZdavbwplugSGCvq2W7W7k16mS8s5FPPInD079qvUqf1ZJtp-jCe6O5Qhfq4o3JRPsbeXKLzgj75Ye-&google_hm=Q0FFU0VFbzJseF9qVTdob0cxSDZ2UGh3bFBZ

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 14:05:33 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GBBaqZ7bMA1USvpMEZdavbwplugSGCvq2W7W7k16mS8s5FPPInD079qvUqf1ZJtp-jCe6O5Qhfq4o3JRPsbeXKLzgj75Ye-&google_hm=Q0FFU0VFbzJseF9qVTdob0cxSDZ2UGh3bFBZ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06AF
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPIB8eUYsi8ydEZrZ3-O6xk&google_cver=1&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJaw
https://rtb.openx.net/sync/dds?google_gid=CAESEPIB8eUYsi8ydEZrZ3-O6xk&google_cver=1&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJa...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJaw&google_hm=zkOc7fpBxiA5nW4wIlppqA==

170 B
188 B

97ms
80ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJaw&google_hm=zkOc7fpBxiA5nW4wIlppqA==

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GBbGLUaZMvRnimYle59QmU1TbGqtXhRQA8PoeMPXqGkaTrhnXGTJhNbQaTgYnYk4lfsfvSo9P76kdjX-ogjKrwNtesmvCTJaw&google_hm=zkOc7fpBxiA5nW4wIlppqA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 0m2jq4jhp6r58arv2qedb5bh2pjh9ptv

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 06AF 0
166 B 1051ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN2chUEqh8WRzhM7O44DOx4&google_cver=1&google_push=ARnp8GAeAy8Ng903PBVb43xxSZ1mZnNNcsKeux755uox02m2zemR_giKjqwytnvXPBehzEkBVS6mZhspX8ncEO0mA7tsdv-RjOImxg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06AF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOuATYdYD9cjVg-Zem-7vuM&google_cver=1&google_push=ARnp8GAwA1JD9M-roxfYKRVpiZjxPaWmbOmYtaeTupW0Ugj-kRH6bqWnQ6fJQcQVfFt7sVOQw8g...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkotMU8tQTk0Sw==&google_push=ARnp8GAwA1JD9M-roxfYKRVpiZjxPaWmbOmYtaeTupW0Ugj-kRH6bqWnQ6fJQcQVfFt7sVOQw8gr3gtm29o9w8DfdV25l7_VZOqAcA

170 B
188 B

58ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkotMU8tQTk0Sw==&google_push=ARnp8GAwA1JD9M-roxfYKRVpiZjxPaWmbOmYtaeTupW0Ugj-kRH6bqWnQ6fJQcQVfFt7sVOQw8gr3gtm29o9w8DfdV25l7_VZOqAcA

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkotMU8tQTk0Sw==&google_push=ARnp8GAwA1JD9M-roxfYKRVpiZjxPaWmbOmYtaeTupW0Ugj-kRH6bqWnQ6fJQcQVfFt7sVOQw8gr3gtm29o9w8DfdV25l7_VZOqAcA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 06AF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GArLeyuJ3GgAkS9Ig7B-x3XuZECrlUJ3...

170 B
188 B

38ms
36ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GArLeyuJ3GgAkS9Ig7B-x3XuZECrlUJ37y4uCcqQDve1i4UBUEhIKBeyM6BFY-jmjbilfeZU08RzyPWsLUcnBpLZAgtfw8eQA

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWaGsntNs5%2BnVHCN3CPbzLLJorrkKW7hiPabwwTTPSH7J9YFB4A1dCseZNALf5iLFZ2qSve4Kyl1ZYIt9d%2BqtbT9dtiLpSehrtIfHA%2F6mv9kDYSIqay4YbS2EpsIxyotYZ4pjV%2Bv9VN55w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKizjKJprdOB7foWxDcC03w&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GArLeyuJ3GgAkS9Ig7B-x3XuZECrlUJ37y4uCcqQDve1i4UBUEhIKBeyM6BFY-jmjbilfeZU08RzyPWsLUcnBpLZAgtfw8eQA
cache-control: no-cache
cf-ray: 72586aa13d9632b1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 06AF 0
232 B 71ms
31ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kd5Cch-VnDWEHVGYO6phwsCuixvkX01Z3m5WB27qLEC0v1lzz9w9gBMLsu60FNHk6f75pQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3C40
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

103ms
83ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:34 GMT
expires: Mon, 04 Jul 2022 14:05:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8CB6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b91cfa8fd33976351a26a651ed734c9906406985a975473eebc819706e655dd6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FEC 36 KB
14 KB 105ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=1503744636&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531951&bpp=2&bdt=1346&idt=322&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=1159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pN1rRQaURr&p=https%3A//www.virten.net&dtd=325

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 08:39:51 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B87D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDZfb9A4UB2JIWD7OB3eAH0&google_cver=1&google_push=ARnp8GAszxbYuyIS7AoiT4Xj8m1Voe_Wh_4KBp4bdYFcfeY25QF7fqoVDw...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAszxbYuyIS7AoiT4Xj8m1Voe_Wh_4KBp4bdYFcfeY25QF7fqoVDwRqpTrN3QFIrFzosZV3ueccBnWFZSVXmoQxV_xpVdGG&google_hm=yYW1BFPGbJJ_...

170 B
188 B

142ms
85ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAszxbYuyIS7AoiT4Xj8m1Voe_Wh_4KBp4bdYFcfeY25QF7fqoVDwRqpTrN3QFIrFzosZV3ueccBnWFZSVXmoQxV_xpVdGG&google_hm=yYW1BFPGbJJ_OsA-UsjksQ

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAszxbYuyIS7AoiT4Xj8m1Voe_Wh_4KBp4bdYFcfeY25QF7fqoVDwRqpTrN3QFIrFzosZV3ueccBnWFZSVXmoQxV_xpVdGG&google_hm=yYW1BFPGbJJ_OsA-UsjksQ
pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame B87D 42 B
59 B 171ms
70ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GB2sHUJm9J4gF4K5d1BuHaXYgz3-gSTjeR6Rd7SmMwdFI1mNFSc9yS1gFvUl02k8Zx4-3hJlolnkJDd7ZL5JsVcg1LLryWZ&google_gid=CAESEEGK5Z6_brP7oJ8kGp2x8Cc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B87D
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDMqHBJy8xa6THOp96O4T6k&google_push=ARnp8GAZu_-RLet0WmJEiRJV5Yl1EsG3N57vNfLAMvne0T16dtI3YvMxkBVSzfUFzq6cSriZqNexagQcUraKiXeEt5p6lzk...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GAZu_-RLet0WmJEiRJV5Yl1EsG3N57vNfLAMvne0T16dtI3YvMxkBVSzfUFzq6cSriZqNexagQcUraKiXeEt5p6lzkLWbN8&google_hm=MTA4MTc4NTc0MTIzOT...

170 B
188 B

124ms
83ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GAZu_-RLet0WmJEiRJV5Yl1EsG3N57vNfLAMvne0T16dtI3YvMxkBVSzfUFzq6cSriZqNexagQcUraKiXeEt5p6lzkLWbN8&google_hm=MTA4MTc4NTc0MTIzOTYxOTM2MzE

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=ARnp8GAZu_-RLet0WmJEiRJV5Yl1EsG3N57vNfLAMvne0T16dtI3YvMxkBVSzfUFzq6cSriZqNexagQcUraKiXeEt5p6lzkLWbN8&google_hm=MTA4MTc4NTc0MTIzOTYxOTM2MzE
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B87D
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEBxor5QAxeibrAyzJWloOzo&google_cver=1&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ
https://rtb.openx.net/sync/dds?google_gid=CAESEBxor5QAxeibrAyzJWloOzo&google_cver=1&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ&google_hm=zkOc7fpBxiA5nW4wIlppqA==

170 B
188 B

98ms
81ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ&google_hm=zkOc7fpBxiA5nW4wIlppqA==

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCcVkYjYCx4rAU3GUSvKtnV7WD3u8b6l4H3GKaSW5o_hxhtVlVXqoN080v-9QNlOOoWExRC3DzEdhS5rLKb4F7YfWVFMJQ&google_hm=zkOc7fpBxiA5nW4wIlppqA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: gqjmbn15t15bbr7pbfdvouhi77fr6hkl

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B87D 0
41 B 994ms
21ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJVsVMfffO8IIag4WZuGxmw&google_cver=1&google_push=ARnp8GBki0S6NtkKZodADXZY0At_KbsyK4oNvuLKznjs914YSOY4aDzspuk_0hhMsA8O1YHAXo4584tf5YRScTXiDRxn0SCkN5o
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B87D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKNRsiydToUQ5fV48XGlwtY&google_cver=1&google_push=ARnp8GBr5vPVBnoBascrkK3NPqypHeUPY4r_EL4rfwXubCDuIslaqmAp3Q0O3uBEcyFrpIkm6mL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkwtMUstMjI3TQ==&google_push=ARnp8GBr5vPVBnoBascrkK3NPqypHeUPY4r_EL4rfwXubCDuIslaqmAp3Q0O3uBEcyFrpIkm6mLmln14Jwn4O-f90cNKypFzPAIo

170 B
188 B

98ms
82ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkwtMUstMjI3TQ==&google_push=ARnp8GBr5vPVBnoBascrkK3NPqypHeUPY4r_EL4rfwXubCDuIslaqmAp3Q0O3uBEcyFrpIkm6mLmln14Jwn4O-f90cNKypFzPAIo

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkwtMUstMjI3TQ==&google_push=ARnp8GBr5vPVBnoBascrkK3NPqypHeUPY4r_EL4rfwXubCDuIslaqmAp3Q0O3uBEcyFrpIkm6mLmln14Jwn4O-f90cNKypFzPAIo
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B87D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GBwbkdXqAgj6NmktPa9y6u6h7k-D0MZ6...

170 B
188 B

37ms
35ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GBwbkdXqAgj6NmktPa9y6u6h7k-D0MZ6BkPpOldXIokSpxoqUcEPY7241zkN4JgrCRm3gKW2X8ifJRcwohyWMaIxFv97skg

Requested by

Host: www.virten.net
URL: https://www.virten.net/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE2AkxIZk0515cdtYYYj%2BWneSGyZMUA%2BqM9qo4wnYCGnFMJgp8FQShTfBmaXz6tVuWbEahyx55Cj3tQAr%2ByvEovFvaYmscz%2Bq8qmI1rvhxfXsI3GzFws%2FNRLXdtDhNAx8h2In3trvEX6%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELW2gG2_YEqg2qrxp9INA30&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GBwbkdXqAgj6NmktPa9y6u6h7k-D0MZ6BkPpOldXIokSpxoqUcEPY7241zkN4JgrCRm3gKW2X8ifJRcwohyWMaIxFv97skg
cache-control: no-cache
cf-ray: 72586aa13d9732b1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B87D 0
12 B 296ms
82ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jo9FwW-lZ4-Wk8j8mDECoqp0TG2jLNvGuaXFkvulr0t0sKf0DTgiVZb7oCuhNP_btI1NfB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F8ED
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

113ms
106ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:34 GMT
expires: Mon, 04 Jul 2022 14:05:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63AA
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECtnolkKgC5QyH4pMh9qt_c&google_cver=1&google_push=ARnp8GA4VcLwbeT4VCXpqlc6sC7LyWwsCstz3chgUmJtkIc8JngfC3cjTa...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GA4VcLwbeT4VCXpqlc6sC7LyWwsCstz3chgUmJtkIc8JngfC3cjTawHiCmNfTvbPwl4VzbqnY96uwnJnyu9HmDW9-iEkw&google_hm=fToMq-YoFP2GLV...

170 B
188 B

141ms
84ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GA4VcLwbeT4VCXpqlc6sC7LyWwsCstz3chgUmJtkIc8JngfC3cjTawHiCmNfTvbPwl4VzbqnY96uwnJnyu9HmDW9-iEkw&google_hm=fToMq-YoFP2GLVBJsr8Pcw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GA4VcLwbeT4VCXpqlc6sC7LyWwsCstz3chgUmJtkIc8JngfC3cjTawHiCmNfTvbPwl4VzbqnY96uwnJnyu9HmDW9-iEkw&google_hm=fToMq-YoFP2GLVBJsr8Pcw
pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63AA
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBhp55gZaDHLRHVYMJQXuV8&google_cver=1&google_push=ARnp8GAhxB22ycz_vSM8y5byZGXh9a0DMBJ4GTlc2JOadr-8x2jlKPv-OpxjolRQXGGxBt_SfDzNtteuGACChoz3OBLfq0Jlg1U
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAhxB22ycz_vSM8y5byZGXh9a0DMBJ4GTlc2JOadr-8x2jlKPv-OpxjolRQXGGxBt_SfDzNtteuGACChoz3OBLfq0Jlg1U&google_hm=Q0FFU0VCaHA1NWdaYURITF...

170 B
188 B

56ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAhxB22ycz_vSM8y5byZGXh9a0DMBJ4GTlc2JOadr-8x2jlKPv-OpxjolRQXGGxBt_SfDzNtteuGACChoz3OBLfq0Jlg1U&google_hm=Q0FFU0VCaHA1NWdaYURITFJIVllNSlFYdVY4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 14:05:33 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAhxB22ycz_vSM8y5byZGXh9a0DMBJ4GTlc2JOadr-8x2jlKPv-OpxjolRQXGGxBt_SfDzNtteuGACChoz3OBLfq0Jlg1U&google_hm=Q0FFU0VCaHA1NWdaYURITFJIVllNSlFYdVY4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63AA
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEG1HCeJr3BRI36BRhZ2_r_8&google_cver=1&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw
https://rtb.openx.net/sync/dds?google_gid=CAESEG1HCeJr3BRI36BRhZ2_r_8&google_cver=1&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw&google_hm=zkOc7fpBxiA5nW4wIlppqA==

170 B
188 B

99ms
82ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw&google_hm=zkOc7fpBxiA5nW4wIlppqA==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:33 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ARnp8GCD3fXGVF0yXS2VAtsyEbz8Q39NFkAC-UyhF55YVUEMAWZDLjoSxFKJzTp-xOIxVnpFbVXMrm22za9Q0qfM9EsoJraeEEw&google_hm=zkOc7fpBxiA5nW4wIlppqA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: k02alc8spr9vouoi7a9upd6et2e7fbb1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 63AA 0
41 B 976ms
20ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBeQOjV6-v1D2wOwe-i4xOA&google_cver=1&google_push=ARnp8GDTxGBOuUSQ9mhlahzjmVXoPlemDgFzp-b3GmD0K4TeF2S522DIV0t7uk69yHv9wCftPi-_NCGzXH1rNafoo1W1z_3S0a4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63AA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKvO1TrKeb871orElN4DkUw&google_cver=1&google_push=ARnp8GAMno46_hQZezroJFl9g4105AruNK6h2GnKvDrweJGZ4YoSj8CjqwdlJipYCsRPeOaFa1d...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkstWC05SFMx&google_push=ARnp8GAMno46_hQZezroJFl9g4105AruNK6h2GnKvDrweJGZ4YoSj8CjqwdlJipYCsRPeOaFa1dpux962TdZGRoSw1fZ6bGm2i0

170 B
188 B

64ms
60ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkstWC05SFMx&google_push=ARnp8GAMno46_hQZezroJFl9g4105AruNK6h2GnKvDrweJGZ4YoSj8CjqwdlJipYCsRPeOaFa1dpux962TdZGRoSw1fZ6bGm2i0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2VEVEQkstWC05SFMx&google_push=ARnp8GAMno46_hQZezroJFl9g4105AruNK6h2GnKvDrweJGZ4YoSj8CjqwdlJipYCsRPeOaFa1dpux962TdZGRoSw1fZ6bGm2i0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63AA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GCgrHKT8ztxg9BII9zFh1aeaTdVqvl5Q...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GCgrHKT8ztxg9BII9zFh1aeaTdVqvl5QLoryA06gSp8vztleHxBNY4CgyCL2o8LaeRS53UsDazknc2H56tasWkwqPk8QQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUMTD6z7bACn5K9%2BcJ93jf5PhgkXTgRbtXXPurO%2BYijR4It7tCz7Fg8eiOuO6t%2FWbkW5IdDxBY1QrELyAKa5w1gvPyBRI1jVAnXjXKRGXp3OubSeYb8OH%2FBHM9AUtTir3c0C0H0JzX%2Bc1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMWnWneTPvjY0nisB6x8yds&google_hm=YsLzrTfRYrkPfBh8jMxZbAAABKYAAAIB&google_nid=index&google_push=ARnp8GCgrHKT8ztxg9BII9zFh1aeaTdVqvl5QLoryA06gSp8vztleHxBNY4CgyCL2o8LaeRS53UsDazknc2H56tasWkwqPk8QQ
cache-control: no-cache
cf-ray: 72586aa13d9932b1-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 63AA 43 B
296 B 400ms
30ms Image
image/gif 2a05:d01c:1d8:8102:ed0:32e:1209:a188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESENZzNpVJOIxUChDtO2XBEAw&google_cver=1&google_push=ARnp8GCRsa2tFf63KMt-dXqizH2Mvx_VD3OZCkLfq5yMUJgwm_zRHWR8mTzzyrcSJn8fZ3FmpDpVF1Tf07IG41iccGWRkhPexg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:ed0:32e:1209:a188 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 63AA 0
12 B 253ms
51ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdUR_dU5RACLicniBaOtEBWUi2YOEsQBoLCoA2-7lPZr5ts2jlqbOS4i5agGtrY8tGINu2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EE8 36 KB
14 KB 79ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=2116999877&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531953&bpp=1&bdt=1348&idt=412&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=2389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=1WQ0gKaSFU&p=https%3A//www.virten.net&dtd=415

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 08:39:51 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1479 3 KB
4 KB 322ms
67ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2165151
x-guploader-uploadid: ABg5-UzDXz48Jp5FL0TmyQDSscMPwQiKL8JA4FKbkcP1npkz9mbjqsx6NGoabUShkVVvzmaj0A5RwcAjwhv-JhQocsL5sa0hzg
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrSYwGH83RHKW%2Bvx91ohuXjMeeM7lW%2BRTMEwxcBCITRy%2FzHkmY4RAVG614QHWY2BP8qIbF7g81QG32JmtWYksJzufukiIC6FDt2FObCwxpR%2FR2eNygs2Dk4B7eFa8GwxHyRAuIeI0AKL0hcYKRNxLh0Q"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 72586aa13e5099a5-CDG
expires: Fri, 09 Jun 2023 12:39:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EF8B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

110ms
105ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:34 GMT
expires: Mon, 04 Jul 2022 14:05:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 14:05:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame A236 2 KB
2 KB 69ms
66ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 482851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 72586aa11820cd83-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 04 Jul 2022 14:05:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 04 Jul 2022 15:05:34 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQYKPmzBi%2FBowqFgkWnRKAfoCppVlThtNDl2gBoVQYUxdtbGbEUSv%2B5ayDLif2HIXoM41AwzJ53AC2X8Vd76L3OtZIFKT0rFSuQ99NgFqGAdU5Kcy2oXfyoLwp7SKlYXLhk9y%2BY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdvvtSIAwsCmiM-QNfjU4V1IkNqaQClE4RrhA81LOeMfWEq6Es7rtcmMgv5r6VPQvchA57U4Y0qySTbEmuxJwzI

POST
H3 200 rs Show response
ad4m.at/ Frame 1479 1 KB
2 KB 60ms
59ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1d3c24192993d2c282a476b19156971cb9a1cb3b3f0d15cf0766b82629c93e

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 72586aa2499899cc-CDG
date: Mon, 04 Jul 2022 14:05:34 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCsHa0Gi9Nheqc9z5ChEUXgUsE4evez14C%2BRHK81WwDadx1sjjcxIGBYULlcsOTUeVmTZcOLlCMYKlISIqsOHDbyqzVj0ugDPBXXCdmjFMBA1o9sNxlG%2B9L3aiFnvaYLQhrXx%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-nzzt

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 83ms
50ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72586aa1f83b99cc-CDG
content-length: 24
content-type: text/plain
date: Mon, 04 Jul 2022 14:05:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0WSDMtkkKEXy%2BCNFzIRx4KFR7na2BcrgPIs4P96TAcAUuwqK5A8Mla0Po5wT8Z2eZNLk3YxTLhe0yr33UP9iY%2Frq3D%2FjTzCSst3C4AN8jsNUy1wwEtoMilJDj49FE4LzSwT69Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-nzzt

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B0C3 42 B
64 B 116ms
61ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttqX_PcUdkFjmVUGD9LDAz4tIqtI2LfqQD4ZzvAKL6Tf3dUX3A4E74rgIHkO2C1eeB4PT5rnERU2Gjjej2XwNI34DuCJNNl5B89DQSpWmvJOTmDs9sJAY9ciS7VgSUjbGs4Fn0og&sai=AMfl-YQjB7jtuHhGeYhD1RMbFgac8aa2Uf2gFjpvTFT7vRO8a6-WitN4jwJls0iPdCPGlmIoO9VUjeoN060E&sig=Cg0ArKJSzLSMP8YNTqSmEAE&id=lidar2&mcvt=1003&p=0,0,590,295&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2816934484&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656943532247&rpt=1091&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 14:05:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 60ms
45ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0270e52916484f4ec3a035ae8e299918a82275829074ec0fa9a75e38b736d857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 14:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10587
x-xss-protection: 0

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B5F 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9765669778980727&output=html&h=600&slotname=8898282104&adk=2816934484&adf=3386079545&pi=t.ma~as.8898282104&w=295&fwrn=4&fwrnh=100&lmt=1656943532&rafmt=1&psa=0&format=295x600&url=https%3A%2F%2Fwww.virten.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656943531954&bpp=1&bdt=1349&idt=419&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D19721e08c1737034-22e2d26cc5cd00e0%3AT%3D1656943532%3ART%3D1656943532%3AS%3DALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ&prev_fmts=0x0%2C295x600%2C295x600%2C295x600%2C295x600&nras=1&correlator=6486803413057&frm=20&pv=1&ga_vid=1269352263.1656943532&ga_sid=1656943532&ga_hid=1965092035&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=3004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068288%2C31060047%2C42531605%2C42531607&oid=2&pvsid=2994453251750232&tmod=833605669&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=LCRqCuBz3k&p=https%3A//www.virten.net&dtd=429

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 08:39:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 14:05:34 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 24CA 9 KB
4 KB 56ms
56ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab3b0a6ce564b966ac0adbc2e39d922167431ecef39cb386ca908a802e66000

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hettabr9vch7pwk6cn9kd9ee46nqahq875fzf71mkrsa7mqrtkp7fk7ha052bmpxr7r28swyn7hcg2f0m12k54d0e6nbcj9wzqfajrdfr2gpd8cm9vt13tq7t54gyx8mfz7gmx58w154hd1gs1h7en7yqccfbgj57hj0ead6mby7n8zv2fc7wdrkewf53ra57njp3nm82vxfq2y7ejc77tk4wbm3y981bn1zp8j4dedbrkfsft23y029w2vsm7qsxhqq8nckzcsnn594tcd0h8hcfn14z05qy30hpz53jsf0z4yphejzpeev31hkh81gp14vnnsm4vrnzk7rc8jmma8p8wqndbaj1b7q5b3fy10zdwnacf3m9v84fbmc5pvtybvdgw8nd07ztfh8ft6cds3z0810xdawgw3s02gxza0jzk3gad8phpz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%26client%3Dca-pub-9765669778980727%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72586aa2ba23cd83-CDG
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B41 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 3222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 13:11:52 GMT
expires: Tue, 04 Jul 2023 13:11:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AAC7 783 B
535 B 36ms
36ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c4b2f47bc95b960a3ac9d2cdb9f3e5d74855ab9899a7d33a2caf272b036c7cdf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u1GFXCEZ_DTcom-77BjE1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.virten.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-u1GFXCEZ_DTcom-77BjE1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 14:05:34 GMT
expires: Mon, 04 Jul 2022 14:05:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 24CA 84 KB
11 KB 42ms
41ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 875271
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86749
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Fri, 24 Jun 2022 10:57:43 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 72586aa31ac0cd83-CDG
cf-bgj: minify

GET
H2 200 B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
assets.ad4m.at/logo/ Frame 24CA 3 KB
4 KB 43ms
34ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=93U/fw==, md5=2rbgfMDdrjDO6X9H8e1xjA==
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1522847
cf-polished: origFmt=png, origSize=14458
x-guploader-uploadid: ADPycdsMQ90ng0EjQVMqd1jfo25_rj3iNE5bOaKLhVmkTAIzZA9e3x-Fq_d1ZdkouQ7iCN7F3tVLk4jkeQT1elDuy5Woiw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="B0EDC68C309BDDA02F64C4991062A43B14E72A0AA73A6F51E7A8455BC4EFF483B071BD9AB1B71EF32E77D6EDA267FA58388EA510B235554069E6779802922590.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3490
last-modified: Fri, 07 May 2021 10:01:33 GMT
server: cloudflare
etag: "dab6e07cc0ddae30cee97f47f1ed718c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z25yI6bk1FaUnLdPB8kXj7XomAOZlID49WPi%2BqWavLTzpq%2FWtvBkNJ5s0uUcpErGKClutLZKPW4CxMoHbmHsPoyQ0fD%2BPZtJy1XZy7b%2BS4PAQuPc09Ot4IIdC5o1E%2F9tTTEeqysAxMHTjFE"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620381693272676
content-type: image/webp
expires: Tue, 05 Jul 2022 14:05:34 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 14458
accept-ranges: bytes
cf-ray: 72586aa32e3e3aab-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame 24CA 66 KB
67 KB 43ms
39ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=R/RcbQ==, md5=CU+RK8xj7vzD5US578iNWw==
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1530854
cf-polished: origFmt=png, origSize=142926
x-guploader-uploadid: ADPycdtiAN5S3HcvonRtWfPO3M9a2DKi_17q6jjX4cB6mFLY4A-SxHOjDzheVtK3Ut0IBb5QTixIL_nzbLHajzQwE885avPFpYLn
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67486
last-modified: Fri, 07 May 2021 09:55:07 GMT
server: cloudflare
etag: "094f912bcc63eefcc3e544b9efc88d5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdkZ5YOaXzKHfxIYiOMgoUojN5%2BmJV39DVctyRxJ%2FMtv4M%2FMbMCG0aN1mUvYGDj8L3gVMFIPx1WKXBskpOY%2Bho4%2BBwasJ4FMoZ0UyqFaIYM3Enugw61cr7Qg8Vvx6sazjSrLztu%2BU0XUgE0t"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620381307305670
content-type: image/webp
expires: Tue, 05 Jul 2022 14:05:34 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 142926
accept-ranges: bytes
cf-ray: 72586aa32e463aab-CDG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK /
jpp.aircaraibes.com/ Frame 24CA 43 B
2 KB 163ms
33ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:34 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0055580139160156
Connection: close
Pragma: no-cache
X-TRK-PROC: 70235
Last-Modified: Mon, 04 Jul 2022 14:05:34 GMT
Server: nginx
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H2 200 428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
assets.ad4m.at/logo/ Frame 24CA 14 KB
15 KB 66ms
62ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/428B4F86A38145D669F90866C84A73C58435858F83697B5B6D22512EF73005EAE84F90ABCEA7772B8F8DE919A137DE18FAB6D754D4F2B3999316EE0F11152295
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=9rTT4A==, md5=FU+2YjnmUM8nZKlrNfDZIQ==
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1525098
cf-polished: qual=85, origFmt=jpeg, origSize=19949
x-guploader-uploadid: ADPycdviDuPbVoV9OgGygKvE5NADcDFJGj6_8FKPFpa6k7_Ii0qz6ujWGgu8NvXyTnWcBC56oNGgo1qf6o8JmBKyq6AXzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14750
last-modified: Fri, 17 Jan 2020 09:30:38 GMT
server: cloudflare
etag: "154fb66239e650cf2764a96b35f0d921"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tc%2B%2BOTKFzwKBGXWU%2B6KCjmD%2BuWu%2F6Zujr2JoeBQJ1m6oJNphJJktdUPoTslRnFSsRfifgM70mumvN9ZbN7n2GUphOuxkLwXZSxLK1rg7q7CQNsb0aXzl5iolT8E9OXAHmb60bkJMnlrxLrBv"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579253438244940
content-type: image/webp
expires: Tue, 05 Jul 2022 14:05:34 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 19949
accept-ranges: bytes
cf-ray: 72586aa32e493aab-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
assets.ad4m.at/ Frame 24CA 274 KB
275 KB 64ms
60ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F0432772436E6C2650E58DF5102BE7D3453906115ACEFD48EBE7ED3B341913EECAF487CB8A03037163CBFC62185CA2D7AC7345F7901A61AF74A0A01EB6EDEE85
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=hlD5IA==, md5=9kmh0Tk8JUGH0VOXo/+JGw==
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1526599
cf-polished: origFmt=png, origSize=547949
x-guploader-uploadid: ADPycdvDByD20CV-ifZSX0ULpaAnPHFuCO3myYK1vNhskQXMXTabGb7nu5wNwAIDXiDTvsvC0aA60GXHGPeB3hxjy0b3zg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280758
last-modified: Mon, 06 Jan 2020 15:34:15 GMT
server: cloudflare
etag: "f649a1d1393c254187d15397a3ff891b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV6fSV2%2B%2FmjnvwCNu6N2okA4p8QmpVyhltYvz53Rjx6cgjR5BjkZQhf8hPblaGsCCs2B6OdWqQXDukgJixY%2FLD1WacOpeG9y7h%2FBdVZX4yDK2ucpFufMgtqPLSGQmU%2FJH3MEpHDuxDn%2BXWG2"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1578324855822222
content-type: image/webp
expires: Tue, 05 Jul 2022 14:05:34 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 547949
accept-ranges: bytes
cf-ray: 72586aa32e443aab-CDG
cf-bgj: imgq:85,h2pri

GET
H2

200

img_13_13_23.gif
img.metaffiliation.com/4/58179/ Frame 24CA
Redirect Chain

https://action.metaffiliation.com/trk.php?maff=P4E34356C8631D13&argsite=oneidY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphroneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
https://img.metaffiliation.com/4/58179/img_13_13_23.gif

133 KB
133 KB

145ms
24ms

Image
image/gif

192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (paa/6F7F) /
Resource Hash: 66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 14:04:52 GMT
server: ECAcc (paa/6F7F)
age: 1583
etag: "5e15e184-21403"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
content-length: 135736

Redirect headers

Date: Mon, 04 Jul 2022 14:05:34 GMT
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0068361759185791
Connection: close
Pragma: no-cache
X-TRK-PROC: 58179
Last-Modified: Mon, 04 Jul 2022 14:05:34 GMT
Server: nginx
X-TRK-DECISION: 3
Content-Type: text/html; charset=UTF-8
Location: https://img.metaffiliation.com/4/58179/img_13_13_23.gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H2 200 397FE21E001E11C6F02F3C8CBF43134AD33E53DE5607D06D72828EDF11D84EFD9788C4A41E14FB74A70E132A82CAF9CE31B283D5C8C8053132AF6FCA6E385C6D
assets.ad4m.at/logo/ Frame 24CA 12 KB
12 KB 39ms
35ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/397FE21E001E11C6F02F3C8CBF43134AD33E53DE5607D06D72828EDF11D84EFD9788C4A41E14FB74A70E132A82CAF9CE31B283D5C8C8053132AF6FCA6E385C6D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fec486c1d401a6b6c8259f2269e7f07cc1bb215191e22759928aa6073a49d66

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=6EUssA==, md5=tbjX504Je/ELyniyq4aCdw==
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1526587
cf-polished: qual=85, origFmt=jpeg, origSize=16921
x-guploader-uploadid: ADPycdt_A1UnbDZJIvpKI4MCnVIe9Qrl5o0nOZGjDlMzsblWruGsljb8zlXC8_1aJmK3GCTEbGVyiZW22kUS3NBiy1B68w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12022
last-modified: Fri, 17 Jan 2020 08:19:44 GMT
server: cloudflare
etag: "b5b8d7e74e097bf10bca78b2ab868277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxpuELJHF4dHlIDkz9U%2FteWLUV88sKZoIaVaNrCK72XkUAP4NJMsi8RoIdZ9099%2FsM9ovYaTDJpfqiHj11wQI5q2J2815GCPS06pqprKlmQodjuZ9AkGQOUboREoU2gOoHe2ZKp8qEidF8ET"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579249184932693
content-type: image/webp
expires: Tue, 05 Jul 2022 14:05:34 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16921
accept-ranges: bytes
cf-ray: 72586aa32e473aab-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 B6F751C983CD290767834C7CCE0D5DD4636AC1217109D9FCDEB0FC4555BF1E7B925A88ED3F5C2D2B783D013E1372806A9C2DC35746A7B96B5FF2DAE961AF7DBD
assets.ad4m.at/ Frame 24CA 75 KB
75 KB 65ms
62ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B6F751C983CD290767834C7CCE0D5DD4636AC1217109D9FCDEB0FC4555BF1E7B925A88ED3F5C2D2B783D013E1372806A9C2DC35746A7B96B5FF2DAE961AF7DBD
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c47ee2279f5f27f71c32ce00cb0cd1c496c8dc75952b962342a2659c72bf40

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash: crc32c=Oc4ijA==, md5=ZHZN1TI9DDYxvEr8ig2N3g==
date: Mon, 04 Jul 2022 14:05:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1528641
cf-polished: qual=85, origFmt=jpeg, origSize=162579
x-guploader-uploadid: ADPycdsR_JjLwnhSoHnLWTULf0-6Z4RdrzdrUEk6bsmN1EvtxgE9rEwVSTof9WKBinfV6VM7OdyyKv1khI04f31F8O_VMA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76536
last-modified: Mon, 06 Jan 2020 15:41:22 GMT
server: cloudflare
etag: "64764dd5323d0c3631bc4afc8a0d8dde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIDCp2k%2FJTlYqGbDxLIVoN664ILM1bA103xdD%2F8VBxG72v%2FacAxXOpjKO8qg43p5bMZ22KEWITSyuCdKPIWqrh6HYQSABeNbbFozP%2Bq8BE1KoHk37j01DIHfIbY0ZS2EnlSA03AmB40gCv1A"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1578325282074910
content-type: image/webp
expires: Tue, 05 Jul 2022 14:05:34 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 162579
accept-ranges: bytes
cf-ray: 72586aa32e483aab-CDG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK /
frp.geant-beaux-arts.fr/ Frame 24CA 43 B
2 KB 125ms
35ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://frp.geant-beaux-arts.fr/?t=P422AB56C8631115&argsite=oneidJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcXoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=119648%2C15737%2C15738&b=pAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CY8gUrfZxf1ezsVH9HetQtY6ACAT1T4pphr%2CJ6ETzfPgUxXWfBH6H7tptde3UXTgTbWWcX&f=J6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2Cq76smf3RuD9ZsZHgHDtRCK48sPTgTA22C3%2CGz6HBfxQfVZWcKHeHGtBC8rbS2TYTeAAHE&c=160&d=600&e=&g=3122576f92eb1ec37a6f5465ddc76a42%2F15722680899929817177&i=30425%2C2951%2C2937&j=15%2C15%2C15&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1656943534469&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gx70fsr1s3xwyfnyawhqbetqezfh4g4n04j24d4rwdnks1pa3bk2cdvk9js333aa4f4jp11kgmdd9mm3ske0n0ba9nqkagc4n2d3rnzgy0ekg7vtnwdy3v1c7q4pzh3jtc9y7pqw6hpx2mjnavhnd3m9bqyr965v6tpa85qv4sp78h247zgbh9n8b81mfdt9s842vwykzqxp0pde8h9r3xh5hyra725hdz4anj9n8qgyjb6jrqw764amccrh883dqnc89myg9de6044twfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-Y5HrPPCYpOQNMaD1fAPmoWGwA7i0rL2YcexjoqOCMCNtwEQASAAYPsBggEXY2EtcHViLTk3NjU2Njk3Nzg5ODA3MjegAcKu6N0DyAEJqQI-cedFb4SxPqgDAaoExgFP0Pma-qclhiSs72i9IeW_06lJlPPXCGzW5ZR097RwnnSJ2mX4aGcarG-FpIH8So9Oh9zF-q_UmQG4SG4B-d1rh6CGQzTjhEPuAk__DLixx3csnlP5Tel24zL4xsL72-z35q1xrASOAAgAks3feXRT8PIs70pUuyZ57p0iZVQBy7RMdrEAUcWViNHaMtojWwdHVbQF6scknfeGSN5Q-oDBw_WPu9uAY1bCNImi396pWBNjq5xw6qNcaHRGMGtDI7atcsTys4KABo-ij_2q1KSXhgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1rV8tbUATi9HB-ozW87zlVyGym4Q%2526client%253Dca-pub-9765669778980727%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 14:05:34 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0083320140838623
Connection: close
Pragma: no-cache
X-TRK-PROC: 8875
Last-Modified: Mon, 04 Jul 2022 14:05:34 GMT
Server: nginx
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AAC7 0
0 69ms
68ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=2994453251750232&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B41 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 08:39:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7B41 0
9 B 38ms
33ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zmYxbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:05:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
93ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=2994453251750232&bg=!bG-lbyvNAAaLlKKnq5Q7ACkAdvg8WlX0R-fVtzYiCi5LssJruB1YeDUFw5JaB4mQBuBZJQmxb5a38AIAAAB8UgAAAAFoAQcKAPCPIAhJ6HuToPe-QtXd9KAlNG7Jv6jz9lHNmd7qzkLQ5KHZdIEZMEX6IYUYVcQKxcwH-cHawm1Zaek0NmscuElnmonkNoG4yRA6gq4QzVWaTm-CnVGcimt4knIZEYX0kq8YKd4YhY8oIGbP0JuYpeZ2o9joypjMfc8MPX5lPLqPidiE49zopNAtTCwSS9ra99ukxiE5mDnH4yehbhoh61tFjIKLqPyXcVgNGWfD6WI-MCW6GSpBEz56dYBa3_xVsX6Aq-NqvWEqDrwZfhD3mQ4oXZ3eoRa56mAzbIdQQogEAa_oE5UDKt7V8O3rtbi9P4SZApMraH4eQygX1_KS3DUExEVx3zOupeOBeuzFfnulDEKSx0AbAArkEJy39YS7WlomwwutoF7HUx9VG9eg60Ig0DT2LKV4QVMIMklgCLggBoOYBBseQ1yvrx9RxkBBEWiBEHjH4G-gq5dndKMt7Q9Q85CIjDvH55gLjf-yWAsZNM6EXDC6jvOZ1d5jdW9WIjQlDqYALFCqqf_cdvf__IK3yhVqXVMOwB-g_tWV9KM7yh9e19SlK4yW5MfosjkCddYZbGLkEw9c6V_ugOH5Wo9gRSd7VMirVkURLghVMyK2Le8aTjRf2s6_3d0omPUizEVGxVv9uxNuIO609wQV_8NiGikIBATkPdMVlCor1Fz48rWcnBk_sjgtccmvfCSeUTCMHzYL-i7UjW1gfvkUz8n0K7-3Fw8KnaC_7ZkokEPVKP5IOu_QXDo_mcJxOBF5uuMM_2hPsf4RHCwvkyUGtoeJTyYPNjJSPE6VvdxSNFtmvCBVrCa2nNSUX_12C5ZUf0S9NZDiKaR_d-a9jWUwFtBO8-pB2LqtCdE46rc17zeGsu1Kf_oG2j3VoHg_VO1SxVkgDW-V29EYa-hxSiAJpJ4Fj9329-X4Iaw-ydRuASeCrTuMbhfWRy-996kIxy-OiIyz-RoTU1FliNnAe7kvDxw0fxFq2iM0jUYdYDjeWZOjHx7lSb_z3ZzeyQIQVJ_982FR0R5XW5jVEo_GKRNxPAmDxy5v969z9w-Bye8KZrmRC4Cz5GX9BBTZBBzxJxrclDcB-dJe5oH8dUEMxRb6OdvbAuWAWAQYRKkjVRu_Awy2Dd-4xZaGcGyMfmPxxX_MweKIsqxPRlw2J8vmWyQt-wd5LEUKwAP9H0EbekSjEark0cwgul3A9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.virten.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEf9LzktlAwzyxPL9fBE240&google_cver=1&google_push=ARnp8GCzXvO8yRo8vJFt9UdKD7Pc6OfTCJ0RfnPzRF2aMry5iIYEn_rzjcNr24eKn7p6wtj9ejxaezu8KZFQ7BfePrVXwBgHW9HkcA

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.virten.net/	1970-01-20 21:46:55	Name: _ga Value: GA1.2.1269352263.1656943532
.virten.net/	1970-01-20 04:17:09	Name: _gid Value: GA1.2.1814695320.1656943532
.virten.net/	1970-01-20 04:15:43	Name: _gat_gtag_UA_31382866_1 Value: 1
www.virten.net/	1970-01-20 13:01:19	Name: cookielawinfo-checkbox-necessary Value: yes
www.virten.net/	1970-01-20 13:01:19	Name: cookielawinfo-checkbox-non-necessary Value: yes
.virten.net/	1970-01-20 13:37:19	Name: __gads Value: ID=19721e08c1737034-22e2d26cc5cd00e0:T=1656943532:RT=1656943532:S=ALNI_MaXO3xoHNmKsEBN1fSmWTt1FdvyEQ
.doubleclick.net/	1970-01-20 13:37:19	Name: IDE Value: AHWqTUmjSLx0unqXwnR7buHlDDRM_48TioS0jY8n26Bvo60ODCa04VqkMQKEBVChz1Y
.doubleclick.net/	1970-01-20 04:15:47	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 06:25:19	Name: d Value: EHoBCQHEJoEA
.rlcdn.com/	1970-01-20 13:01:19	Name: rlas3 Value: 1j98v42ce+ND8dFT5peZ6j/4/gD4L4dH8y9RposAiWk=
.quantserve.com/	1970-01-20 13:45:57	Name: mc Value: 62c2f3ad-d3e37-6cbd3-b73d8
.openx.net/	1970-01-20 13:01:19	Name: i Value: c2b92988-fa40-40f9-853f-ea6f956460ef\|1656943533
.casalemedia.com/	1970-01-20 13:01:19	Name: CMID Value: YsLzrTfRYrkPfBh8jMxZbAAA
.casalemedia.com/	1970-01-20 06:25:19	Name: CMPS Value: 1190
.casalemedia.com/	1970-01-20 06:25:19	Name: CMPRO Value: 1190
.mookie1.com/	1970-01-20 13:44:31	Name: id Value: 10817857412396193631
.mookie1.com/	1970-01-20 13:44:31	Name: mdata Value: 1\|10817857412396193631\|1656943533975
.mookie1.com/	1970-01-20 13:44:31	Name: ov Value: a0aaffcca47ffd4ebbb94ad2a27580f6
.rlcdn.com/	1970-01-20 05:42:07	Name: pxrc Value: CK3ni5YGEgUI6AcQABIGCOndKhAA
.agkn.com/	1970-01-20 13:01:19	Name: u Value: C\|0CEAqVbAuKlWwLgAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 13:01:19	Name: ab Value: 0001%3A1tmRLNmilhdH4msDIY0SSz4TautgmpwY
.innovid.com/	1970-01-20 06:25:19	Name: uuid Value: 0f6b191a-890a-4eb3-a470-b29de3aa7d37-20220704 10:05:34
.casalemedia.com/	1970-01-20 06:25:19	Name: CMTS Value: 3187
.e.dlx.addthis.com/	1970-01-20 13:45:57	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:45:57	Name: na_id Value: 2022070414053400088891088244
.addthis.com/	1970-01-20 13:45:57	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:45:57	Name: uid Value: 62c2f3aedd8f1bb5
.addthis.com/	1970-01-20 13:45:57	Name: ouid Value: 62c2f3ae0001ec110e8d3eec8626a4539f828af68fa49511c1e5
.dlx.addthis.com/	1970-01-20 04:58:55	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:58:55	Name: na_sr Value: 20220704
.dlx.addthis.com/	1970-01-20 04:15:43	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:58:55	Name: na_sc_e Value: 0
.metaffiliation.com/	1970-01-20 05:42:07	Name: neta_ssc Value: 5c38f3tslqcw2trml9oo43yyemoq
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 5c38f3tslqcw2trml9oo43yyemoq
.metaffiliation.com/	1970-01-20 05:42:07	Name: kwknc_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp4e34356c8631d13-b25laWRZOGdVcmZaeGYxZXpzVkg5SGV0UXRZNkFDQVQxVDRwcGhyb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.geant-beaux-arts.fr/	1970-01-20 05:42:07	Name: neta_ssc Value: c6fdf3tslqcwnu13glcm8sb85fcy
.geant-beaux-arts.fr/	1969-12-31 23:59:59	Name: netases_ssc Value: c6fdf3tslqcwnu13glcm8sb85fcy
.geant-beaux-arts.fr/	1970-01-20 05:42:07	Name: kwknc_ssc Value: dp422ab56c8631115-b25laWRKNkVUemZQZ1V4WFdmQkg2SDd0cHRkZTNVWFRnVGJXV2NYb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.geant-beaux-arts.fr/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp422ab56c8631115-b25laWRKNkVUemZQZ1V4WFdmQkg2SDd0cHRkZTNVWFRnVGJXV2NYb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDYxX1RlY2g%3D
.aircaraibes.com/	1970-01-20 05:42:07	Name: neta_ssc Value: 705ff3tslqcxsxuxu2g0akdo0r8s
.aircaraibes.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 705ff3tslqcxsxuxu2g0akdo0r8s
.aircaraibes.com/	1970-01-20 05:42:07	Name: kwknc_ssc Value: dp51125b56c8632157-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: dp51125b56c8632157-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEf9LzktlAwzyxPL9fBE240&google_cver=1&google_push=ARnp8GCzXvO8yRo8vJFt9UdKD7Pc6OfTCJ0RfnPzRF2aMry5iIYEn_rzjcNr24eKn7p6wtj9ejxaezu8KZFQ7BfePrVXwBgHW9HkcA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.metaffiliation.com
ad4m.at
adservice.google.com
adservice.google.fr
ag.innovid.com
as.ad4m.at
assets.ad4m.at
cdn4.buysellads.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
frp.geant-beaux-arts.fr
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
img.metaffiliation.com
jpp.aircaraibes.com
m.servedby-buysellads.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.wp.com
prod-rtb.ad4mat.net
rtb.openx.net
srv.buysellads.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.virten.net
z-na.amazon-adsystem.com
googlecm.hit.gemius.pl
104.111.215.191
104.18.18.126
108.161.189.78
142.250.185.194
142.250.185.226
161.35.94.188
18.64.99.206
185.64.190.78
192.0.76.3
192.229.220.129
2600:1901:0:76b9::
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9d
2a01:488:66:1000:b24d:4dbe:0:1
2a05:d01c:1d8:8102:ed0:32e:1209:a188
3.122.145.17
34.98.67.61
35.227.252.103
35.244.174.68
52.214.225.206
69.173.144.139
94.31.29.32
95.131.136.1
0114ab589ce42ed402ce67254aa06f725f6b53e4a04d2f79b4b01fc92501dcf1
0270e52916484f4ec3a035ae8e299918a82275829074ec0fa9a75e38b736d857
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e2160fefe0b02729a87a03ef7f21fe2003b7054a7bbb5c11011c11a51a4156f
114811887baca35be2e5b637d553116f3ebed7e95eb7ed4b486b44619ec78997
133093dc3d145a5828d7011c5344ca59f9c0d7d28e235f0c50ab80491afadb30
134d4a412e3e24b152b00758a9de2dc91647109fc9a31425c77310ba5a82334d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ab3b0a6ce564b966ac0adbc2e39d922167431ecef39cb386ca908a802e66000
204d068a2415941f6bd09b49445343b989f233ec3d7bf265bc0c71ae50b983e2
294e1ad96498dc7ea167b9d42d022d3b85b3f3000e14cebb05828bfcaa70a260
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2d14ccfba51920109516d72d1e75967978caed24908896b0d500cc8f3099bf86
2db3d71488b26c8b00f7b8a15320224e46fb3bd5d32896c381f7dd45247bdd74
2e5ca8887ef77835f79c3f1ab69ec936a53c2e7c09a6966259d4390345fc617f
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1d3c24192993d2c282a476b19156971cb9a1cb3b3f0d15cf0766b82629c93e
30a24bcc771a3c3b6b5f7e83a9effad604a4f01b8d447a96c101d919b85e6795
3e3a45c6044f690734ebf04a7da38caabc1dc894b1bd99fb7d57d6c062851bf3
3e4834e7a6f05abade2399ac445c4aaddc3d6e3136be004a8489d592c7fde045
3fec486c1d401a6b6c8259f2269e7f07cc1bb215191e22759928aa6073a49d66
4ce1bf8332fde79de063b399ce65c874af272236e739bf3ed3ce472e18b37418
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e41d593e489b2faf99cd2d6a1a05725c19860e05cf58543a9db1f14fdd5595
5a494e031be731069951258b160aa3ecacf9bda06d0befc15e8273ccfd825450
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658a3c167907d425000012427e58b69cf0d9c2a484175a8173dc1cf0f59df105
6662a88e91de4223a31c5ea17534f89906d0e40d33e5f07e84d5700b2836bbad
6677c0bfc890595dbdba94c304430ea216fd99f6e8751e8996e1c32cd7d6c535
66b24eb77aabe2b1fffe8ba0aaec05db13f8e7f5710a52785d99f3b1136a567c
6b309c4509069ece27817f6958ebdaea1c0a3373d931910b0712e55b32162b94
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72f9a4238b06375bb33bf9f012f4c7b7f2b906e5dbbc659de34321cdfe6aa700
7458c2c8b9b7730e698723d29c84719ae5bb653cf58242df850cdce3bfd88f44
74a3cb03a59beecff186a92d23f4a70d57f0531d3e7466f1818b8859022dcb91
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
761656b2576cc46219807fb3a38ec6f5eb20dffba52e53bd84e232eb0ff0bde4
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7de8c28163a7846b06a45f2ac3617a400d4c4742320c543d12e9fb2f14b10bc6
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
93749ef65d8d50ddb26ea6ed303f2bf6bbec7a41f8873529c28c8bd2b0967439
93cde47b819c982f7e47331aec9352ac585c9beadd203d01cea4109582d7cc9d
9670e2e16600ef29f4d5342f6005c9eb04888dc2b5768dfaa689338bae5ed797
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dfa9e7e852d4c2ba8089fa66dcef473af1a75cef8575062372e4dd4319fd31f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cf9e730496cf8b34fa202aac0264f3167c8430e529072aaebfe6ecb154816d
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
aed273578fc1b4baf1d411116022d1730bc6725b5a878b33b2e576323bf97ac4
b1c47ee2279f5f27f71c32ce00cb0cd1c496c8dc75952b962342a2659c72bf40
b91cfa8fd33976351a26a651ed734c9906406985a975473eebc819706e655dd6
bcfbd1f2d99329dd6f22c3fed6225cc36497907dabebcc96c3094adefbe49615
bd4ad4b3c39ddb5da8ec491b4cb41b2bc2244ee268a560b0bbc99c85379954ef
c355bcdac9317b32556a02f04f717cb06c5addca9633f6b96632f8ca63fcac80
c4b2f47bc95b960a3ac9d2cdb9f3e5d74855ab9899a7d33a2caf272b036c7cdf
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
dd42fb9a377214fa9741a7db7502eff7b1b14ef6a186ddda0602877ee3390ac4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f750548f2ee2c68dc6d192ac7285f8c4a01113179481b19b98a3789aaeaddd
e8adfb6325b9f5e2692f750d016484c154ee4c0ef5fa804f511a5932683612ff
e8ca95bea0088adcca0e776307c22c9d9b3d2d34315ad8786dfa06fefdbc4ee2
e9e999fe97c5e10e60b9529047d90f4e5be1129be09b8623928ec75d2d742015
e9f93b628e22c5bf1e2622c8b25c8bba3d09c32d738e9b5ce1790b242e5e96be
ebf79bf0ceec2ea0e5245a52606e912a80fe2cc23853615d7d3ecb8772ee8fb5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef82c49016a2e9e585bb789725cbc93765551914c346a9d2d1febf95dbbfa879
f12b68a05e8e6b512a015cd173135a092529e9e42433c3af2eec3b39fa841675
f24431ccff99d993b541e5a958667d27f05612cfe43a91ad970f0157859e23a7
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fa1629f63574b87e0242e3d19358ff0789e714902b186adf1723a9dcb802548a

www.virten.net Open in urlscan Pro 2a01:488:66:1000:b24d:4dbe:0:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

156 Requests

87 %HTTPS

49 %IPv6

31 Domains

40 Subdomains

29 IPs

8 Countries

2123 kBTransfer

4190 kBSize

44 Cookies

6 Outgoing links

Page URL History

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.virten.net Open in urlscan Pro
2a01:488:66:1000:b24d:4dbe:0:1 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

87 %
HTTPS

49 %
IPv6

31
Domains

40
Subdomains

29
IPs

8
Countries

2123 kB
Transfer

4190 kB
Size

44
Cookies

156 HTTP transactions
5 data transactions