www.japanesesmileyface.com Open in urlscan Pro
2606:4700:3032::6815:e87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.japanesesmileyface.com/
Effective URL:
https://www.japanesesmileyface.com/
Submission: On January 03 via api (January 3rd 2024, 12:34:38 pm UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 131 HTTP transactions. The main IP is 2606:4700:3032::6815:e87, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.japanesesmileyface.com.
TLS certificate: Issued by GTS CA 1P5 on December 11th 2023. Valid for: 3 months.

This is the only time www.japanesesmileyface.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:9f2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3032::6815:e87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3 15	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1 31	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
131	26

1 2606:4700:3035::ac43:9f2f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.japanesesmileyface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::6815:e87 (United States)

ASN13335 (CLOUDFLARENET, US)

www.japanesesmileyface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	1 MB
25	criteo.net static.criteo.net — Cisco Umbrella Rank: 894 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8571 csm.eu.criteo.net — Cisco Umbrella Rank: 7743	475 KB
17	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184	189 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com	106 KB
7	japanesesmileyface.com 1 redirects www.japanesesmileyface.com	26 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
6	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	306 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708 fonts.googleapis.com — Cisco Umbrella Rank: 115	34 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7692 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10138 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14817	60 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	34 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4002	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	148 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
131	15

	Domain	Requested by
31	tpc.googlesyndication.com	1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
15	imageproxy.eu.criteo.net	ads.eu.criteo.com
15	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	www.japanesesmileyface.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	static.criteo.net	ads.eu.criteo.com
7	www.japanesesmileyface.com	1 redirects www.japanesesmileyface.com static.cloudflareinsights.com
6	www.googleadservices.com	googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	2 redirects tpc.googlesyndication.com
3	cdnjs.cloudflare.com	www.japanesesmileyface.com ads.eu.criteo.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.japanesesmileyface.com www.googletagmanager.com
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	ajax.googleapis.com	www.japanesesmileyface.com
1	static.cloudflareinsights.com	www.japanesesmileyface.com
131	25

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
telegram.me
www.freefirenickname.org
www.freefirenamechange.com
www.yuvaapp.com
www.nombresparafreefire.org
www.nickparafreefire.com
www.simbolosparafreefire.com
www.simbolosparanick.net
www.letraspersonalizadas.net
www.corazonesguru.com
www.espacioparanombredefreefire.com
www.symbolsname.com
letrasbonitas.zeroonews.com
www.zeroonews.com
www.namaffkeren.net
slantedsmileyface.zeroonews.com
www.changefont.net
www.fontesparainstagram.org
www.fontstyleinstagram.com
www.fontstylename.net
www.letradiferente.net
www.fontesdeletras.com
www.fuentesdeletra.com
www.conversoresdeletras.com
www.convertidordeletra.com
www.tiposdeletras.net
www.letrasbonitasparacopiar.net
www.letrascursivasguru.com
www.letrasbonitas.net
www.4devscom.com
www.aestheticfont.net
www.cambiodeletra.com
www.czcionki.xyz
www.geradordenick.net
www.letras-goticas.com
www.letrasgoticas.com
www.lingojamguru.com
www.modificadordeletras.net
www.xn--yazstilleri-1zb.com
www.xn--80aerbec6befpv9byb.com
www.xn--12c3b2atsjed4a2bc4byl.net
www.xn--12c3b2atsjed4a2bc4byl.com
www.xn--12cxt4evac3cc0w.net
www.xn--12c2dovcdw6a5a4j.net
www.xn--82c3c9a2ac5f.net
chrome.google.com
play.google.com

Subject Issuer	Validity	Valid
japanesesmileyface.com GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.japanesesmileyface.com/
Frame ID: ACEFEF469AF24FA8CB15FC431F83EA75
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: F1E6F1F24B9430127956C86D24D7B6C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&adk=1812271804&adf=3025194257&lmt=1658423019&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271254&bpp=14&bdt=343&idt=257&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5439454602137&frm=20&pv=2&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=312
Frame ID: D30BD90FA5F11497157DCA9BF09556F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319
Frame ID: B67B10AF87A7DD134A636C76A32A3DB8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=2674862366&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271273&bpp=2&bdt=362&idt=326&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=333
Frame ID: FF271753D60BBE37195A52E986F2ADA6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=4240431096&adk=976199221&adf=4076056445&pi=t.ma~as.4240431096&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271275&bpp=2&bdt=364&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=350
Frame ID: 334EE3B8737D6BD91E139E832099993F
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A7F43444855A356FBF4349F0AE74E65C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17C89B4A5E42AE02B76BBBD21C85BD80
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZVUVwALIUkD58MVAAWAPGLUXiFHN_Egs6k9ag&u=%7Cb811dwwl%2BK7uG5VWcV40NYtXqLfUqnr2SdJ68Cckoy0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoJ8u0kE1bqTFXCLT7Qgme3YiOiC0TY3SwjyAHkMlGQEg_5eNnRYyfiV5PbL_MMTbQzyvNhrvES-BX10A9MdbkkTJtZVtk_zuVumAaRGm-em0N9JpLv_wnK3ka1pQ6w8hRqEeXxyLFt7lMruiKQjwj_ADUXDo6v3Di0ktFwVPg9WjP2iJlM9AJmagyHd2YcqAfmoypnZocBuQt-Pc-T34UGPNPHg_0ErhOFF3d8Kjyv3OvHVZE7Yvpnb4PMsJmn0u8DCSC5iAbLpiEhjJ8M0rnvHRV-oDMlxgTJrJLpEciIjmy3IxK6LmEpal_NsDsMq2z1hqjlkg8Z0RRsp6aP4un-CCwsxiOIVV_FFiw_2mRdmwNMQBVghiSq_bQzrWWGCwMjYI6h1xCZjwaRfh5JrcrjGT4x4Umqb0ypVvm7XBdQVAUlWx-VEspG3x-LNYw17kBWx1G1ZGuQCiPW1q7ik4JQ2ESXqTQ6t5RDrhncOgmL1tORSsuZftlKJr2Xv7Uu4-w7HBk8Er1Et1uFwADIGSPbNf1VkT43SZOqd-MxE1XwSBwikymc7GfSQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0lLRV1SVZcnCLJWGn88PvICWyALJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTEyNDE0MDkzMDM4MzU4yAEJqQILbjh2GmSyPqgDAcgDAqoE3wFP0LEAjZO9CuxJ8S7bq2fVAG2vn-hweo5oxf5subV1tOyVxu2zZVERbq0l0gDFWyrqnKEUyPdZ2a6AsFoTiq6kV6as9gjbaWWfYYHLIghvoMMdG61fgG6j7VfsmE19aTFPtmqaH3y7cwxCxLxZnz1xzDwE-ZvsPkx64ZsBFZ2c2R2ekMlmpvGhwfhkTwljz5HtdWXBNdYEoDX43d4iko9YWD_0bZu84srJkIzB0soBDLyZ2pS0dZm8EaxMWSbBW-pZSpGYFBdXBIOog0-jHF8SHceOZLoaYsGjOW0G6QmZgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOqH2rGdwYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XO80v1xuEFOleZGa53U1aVGIr_A%26client%3Dca-pub-6912414093038358%26adurl%3D
Frame ID: CE8B0F9E0A26302CEDAD8A63CEB113F7
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7ABB3B43AFC550E6D4DB12264B0848D9
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4BA6A5772C78ECAC0085ED8194BE4C8B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5CC6FEAD8A8823FD67F797F72B223329
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3653D1EB03810ADA24E1B02EAFE878FE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 09D8B5F82FC734FEFE9DD86E30059E6E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: D475A6FF2CFAFA936129855D6ED34EDC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: C930989E5FCA8F1B60C094B2E49581BF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 96602196F26A2DD422FB71A70E8E0C0F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: C12CCC93A11592E5B8C5256EAF130A3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ジ Japanese Smiley Face (ツ゚) - ▷#1 Copy and Paste ✅

Page URL History Show full URLs

http://www.japanesesmileyface.com/ HTTP 301
https://www.japanesesmileyface.com/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

97 %
HTTPS

92 %
IPv6

15
Domains

25
Subdomains

26
IPs

4
Countries

2477 kB
Transfer

5298 kB
Size

9
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/sharer/sharer.php?u=https://www.japanesesmileyface.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?text=Japanese%20Smiley%20face%20Copy%20and%20Paste%20%E3%8B%A1,%E3%80%A0,%E2%98%BA,%E3%81%A0,%E3%82%B7,%E3%83%9F,%E3%83%82,%E3%82%B0,%E2%8D%A9,:-),%E3%81%A3%20%E2%9C%85%20Copy%20smiley%20face%20Japanese%20Symbols.%20Japanese%20smiling%20face%20character.&url=https://www.japanesesmileyface.com/

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?text=Japanese%20Smiley%20face%20Copy%20and%20Paste%20%E3%8B%A1,%E3%80%A0,%E2%98%BA,%E3%81%A0,%E3%82%B7,%E3%83%9F,%E3%83%82,%E3%82%B0,%E2%8D%A9,:-),%E3%81%A3%20%E2%9C%85%20Copy%20smiley%20face%20Japanese%20Symbols.%20Japanese%20smiling%20face%20character.&url=https://www.japanesesmileyface.com/

Search URL Search Domain Scan URL

URL: https://www.freefirenickname.org/
Title: Free Fire Nickname

Search URL Search Domain Scan URL

URL: https://www.freefirenamechange.com/
Title: Free fire name change

Search URL Search Domain Scan URL

URL: https://www.yuvaapp.com/
Title: YuvaApp

Search URL Search Domain Scan URL

URL: https://www.yuvaapp.com/symbol.html
Title: Symbols

Search URL Search Domain Scan URL

URL: https://www.nombresparafreefire.org/
Title: nombres para free fire

Search URL Search Domain Scan URL

URL: https://www.nickparafreefire.com/
Title: Nick Para Free Fire

Search URL Search Domain Scan URL

URL: https://www.simbolosparafreefire.com/
Title: Simbolos Para Free Fire

Search URL Search Domain Scan URL

URL: https://www.simbolosparanick.net/
Title: Simbolos Para Nick

Search URL Search Domain Scan URL

URL: https://www.letraspersonalizadas.net/
Title: Letras Personalizadas

Search URL Search Domain Scan URL

URL: https://www.corazonesguru.com/
Title: corazones

Search URL Search Domain Scan URL

URL: https://www.espacioparanombredefreefire.com/
Title: espacio para nombrede free fire

Search URL Search Domain Scan URL

URL: https://www.symbolsname.com/
Title: symbols name

Search URL Search Domain Scan URL

URL: https://letrasbonitas.zeroonews.com/
Title: Letras Bonitas

Search URL Search Domain Scan URL

URL: https://www.zeroonews.com/
Title: Zeroonews

Search URL Search Domain Scan URL

URL: https://www.namaffkeren.net/
Title: nama ff keren

Search URL Search Domain Scan URL

URL: https://slantedsmileyface.zeroonews.com/
Title: Slanted Smiley Face

Search URL Search Domain Scan URL

URL: https://www.changefont.net/
Title: Change Font

Search URL Search Domain Scan URL

URL: https://www.fontesparainstagram.org/
Title: Fontes para Instagram

Search URL Search Domain Scan URL

URL: https://www.fontstyleinstagram.com/
Title: Font Style Instagram

Search URL Search Domain Scan URL

URL: https://www.fontstylename.net/
Title: Font Style Name

Search URL Search Domain Scan URL

URL: https://www.letradiferente.net/
Title: Letras Diferentes

Search URL Search Domain Scan URL

URL: https://www.fontesdeletras.com/
Title: Fontes de Letras

Search URL Search Domain Scan URL

URL: https://www.fuentesdeletra.com/
Title: Fuentes de Letras

Search URL Search Domain Scan URL

URL: https://www.conversoresdeletras.com/
Title: Conversores de Letras

Search URL Search Domain Scan URL

URL: https://www.convertidordeletra.com/
Title: Convertidor de Letras

Search URL Search Domain Scan URL

URL: https://www.tiposdeletras.net/
Title: Tipos de Letras

Search URL Search Domain Scan URL

URL: https://www.letrasbonitasparacopiar.net/
Title: Letras Bonitas para Copiar

Search URL Search Domain Scan URL

URL: https://www.letrascursivasguru.com/
Title: Letras Cursivas

Search URL Search Domain Scan URL

URL: https://www.letrasbonitas.net/
Title: Letras Bonitas

Search URL Search Domain Scan URL

URL: https://www.4devscom.com/
Title: 4devs Letras Diferentes

Search URL Search Domain Scan URL

URL: https://www.aestheticfont.net/
Title: Aesthetic Font

Search URL Search Domain Scan URL

URL: https://www.cambiodeletra.com/
Title: Cambiador De Letras

Search URL Search Domain Scan URL

URL: https://www.czcionki.xyz/
Title: Czcionki

Search URL Search Domain Scan URL

URL: https://www.geradordenick.net/
Title: Gerador de Nick

Search URL Search Domain Scan URL

URL: https://www.letras-goticas.com/
Title: Letras Goticas

Search URL Search Domain Scan URL

URL: https://www.letrasgoticas.com/
Title: Letras Goticas

Search URL Search Domain Scan URL

URL: https://www.lingojamguru.com/
Title: lingojam

Search URL Search Domain Scan URL

URL: https://www.modificadordeletras.net/
Title: Modificador de Letras

Search URL Search Domain Scan URL

URL: https://www.xn--yazstilleri-1zb.com/
Title: yazı stilleri

Search URL Search Domain Scan URL

URL: https://www.xn--80aerbec6befpv9byb.com/
Title: красивый шрифт

Search URL Search Domain Scan URL

URL: https://www.xn--12c3b2atsjed4a2bc4byl.net/
Title: อักษรพิเศษ

Search URL Search Domain Scan URL

URL: https://www.xn--12c3b2atsjed4a2bc4byl.com/
Title: ตัวอักษรพิเศษ

Search URL Search Domain Scan URL

URL: https://www.xn--12cxt4evac3cc0w.net/
Title: สัญลักษณ์

Search URL Search Domain Scan URL

URL: https://www.xn--12c2dovcdw6a5a4j.net/
Title: อักษรพิเศษ

Search URL Search Domain Scan URL

URL: https://www.xn--82c3c9a2ac5f.net/
Title: อิโมจิ

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/japanese-smiley-face/icdbenacbhijebfdboiihifegjgnacjb

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.japanesesmileyface.japanese

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.japanesesmileyface.com/ HTTP 301
https://www.japanesesmileyface.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA9eDLfxDQBRjQBTIIzyMKdqCLFQ0 HTTP 301
https://tpc.googlesyndication.com/simgad/16552660500660740142

Request Chain 108

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca80dV1SVZYKkK8-sn88Py6Oa0A-DiYP8coeD6Z39EcOestHrARABIJPr3XtglYKAgLQHoAH8qP7MAcgBCagDAcgDywSqBPUBT9C7UOLHAmnI1xNtJbRcD4fObUZcfOT48i5QBZbJv3lzQk3om9TneQKDbE7V5uX9fagLBD7DgxqQfmw-cMBlNLlOB4PKjrzt1q5jlhehgA85mtiMxti9Aq9ilCOvKHkdyxvhayOvB7tby_iuUpmnbhFSeIonwLGeEfSsiyWxmDvcWgA_g-yZXkJI498xc8EdrtF_GG5FVPaGlsFTvNcoKflKatv--zPGahW1QWU2iHpi6GCEFXl8juWoe9teeER9L24_ZBi-G_qS0XCsi6c2pe95GMnV9ox0wVCXgtCp3Hdg0tHW0VRELdzmC1KWRipwHUDD21PABO3Z3vOvBIgFjqOqyEySBQQIBBgBkgUECAUYBKAGLoAH7NaBswKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ9ZIJ0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliR3NixncGDA5oJFGh0dHBzOi8vbWl4ZnJpdi5jb20vgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BMC0BUBgBcBshccChoIABIUcHViLTY5MTI0MTQwOTMwMzgzNTgYAA&sigh=gxakmReSncc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_0pQ4cs_bKRFvaMG_anq0t-gSouXQMv8_AAuft7W8UNru5sKJXBtpYFO44o7omY2EyiBq611F6JZfQHC3OD719lPhmAfCrZ-rDTwYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225583551329608183316%22,%22debug_reporting%22:true,%22destination%22:%22https://mixfriv.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22429888636%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212219166655958531969%22}&andc=true

Request Chain 120

https://googleads.g.doubleclick.net/pagead/adview?ai=CXc9dV1SVZeGkKdfLn88P5fae-Arc4KbqdLmVrIKdEvvz9P0IEAEgk-vde2CVgoCAtAegAYa52f4DyAEDqQILbjh2GmSyPqgDAcgDyQSqBN0BT9Dafha_Uo_nHJ7IeNZ0ZK4Lp3B6xJGAlh6tlomfNV-CMT60vZ6_jw53xyc862NLAuWtUzc1OpTWWWI1etWlP-z_uwKkfuWLXBpNYLRYM2-NujfibOzXwg46BDfMJ5VjAHOAcfWO_nSxZmQlXe_qRyKctrKYVN2MT_rkiGMxrdTtSsMAFYSNrHzRrY3sylTWp-X5GtRloWpo1avSfNhUWIOPzdf0Ym1geNtAsgwkBI86Q8aMAQsgtsRtWmXwq4kJQ2KPV8hgWg0mEBlH81CDZwGzcRcw3OGtWzw9MNXABN3Hte26BIgF36e00U2SBQQIBBgBkgUECAUYBKAGA4AH4samAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEIuWB9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYmdzWsZ3BgwOaCXRodHRwczovL3d3dy53ZWx0aHVuZ2VyaGlsZmUuZGUvd2VpaG5hY2h0ZW4tc3BlbmRlP3djPURHQkFPQTEwMDAmZW1fc3JjPWRpc3BsYXlnJmVtX2NtcD0yMy13aWthJnV0bV9jb250ZW50PXYxXzcyOHg5MIAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMC0BUBmBYBgBcBshccChoIABIUcHViLTY5MTI0MTQwOTMwMzgzNTgYAA&sigh=V-nltFJ_fZA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_rd0Ws5Z_on6YAfxGJhU9mTIB_NHKiRnbGGmNekI4yDQpma4wlHAp-OyOcKtJKNLsMxeWKwXWPSI6M2acTNC8hCs39moHxbLBzrsYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211329402005417829310%22,%22debug_reporting%22:true,%22destination%22:%22https://welthungerhilfe.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071012998%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223731881049021451169%22}&andc=true

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://googleads.g.doubleclick.net/pagead/adview?ai=CfMqgV1SVZaCiKsmF2OMP8Ki24AT6w_eOdcLFlLGrEZWog5beQBABIJPr3XtglYKAgLQHoAH-2Yz8KcgBCakCC244dhpksj6oAwHIA8sEqgTiAU_Q78PCDcNIXysBirgx9QasDa5AZOF9CBxszBKczYi_fixH2H2LiYBHPHtkMjsEy04tLyb3hkIRu0PUlZtVcOlmApqWcpLYIGa1g2jl0lKlp_ox4KJQev3DMR3oNpBmZiUZfoH8Vku_WtvXtHxTwSmG9d6mXyejZQkllKZIJjBh2uiEk1bx-rRii846k6LjIwkaOH-OzJMtk5780l4mqlttNughWFQv4Zc1E-4u0fJ-KcA9FTaqNG-8Bs-oZUEeCTG9-4gkdq4gMfLQA3yUFYBRgkyLh80fuNENd0OPsuSQ0_jABNr4hpbKBIgF47Hu6EySBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_pHd2wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQsM0Q0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljMz9exncGDA5oJEmh0dHBzOi8vZ2xpbW9yYS5kZYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNjkxMjQxNDA5MzAzODM1OBgAshgDIgEA&sigh=62t6Oz50c3E&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_9UvaxHZEFcSbFirEZYJXS-AoE-f2IjpGR3Lg1Igb8ww1ePun5hJF7cdMinQKtMhT3z9LEWtwfYZvNkYFl_XQugkbdcgHOL63DxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222867863269675242461%22,%22debug_reporting%22:true,%22destination%22:%22https://glimora.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211266108670%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22329823564423776129%22}&andc=true

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

131 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.japanesesmileyface.com/
Redirect Chain

http://www.japanesesmileyface.com/
https://www.japanesesmileyface.com/

135 KB
15 KB

83ms
39ms

Document
text/html

2606:4700:3032::6815:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.japanesesmileyface.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:e87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e381c986617d412aac6ecbcded6d80a24733b58ff6e66dc59780650b9cdc7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2623
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 83fb46bef9896f24-CDG
content-encoding: br
content-type: text/html
date: Wed, 03 Jan 2024 12:34:30 GMT
expires: Wed, 03 Jan 2024 12:50:47 GMT
last-modified: Thu, 21 Jul 2022 17:03:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bX4X4jP%2FlGVAd50I0uCTewtcah%2Bbxghj2D1ZrFZOwtCDjhKUc%2FrDDkZu7cfwAQMG5wwsdf3c9zAoIJAjFkJ5xOx6gNdaC1IV2qA6mO5YDj8KI2i7UgCCSRaoY7NfJtHPsIdG4o7FpTFazSexRJDsuilMmzACM3sPbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-goog-generation: 1658423019650759
x-goog-hash: crc32c=DUJ8gg== md5=NzaGeKyKg55cs/skuV+beA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 106346
x-guploader-uploadid: ABPtcPr9f6nkSw2GbgxqAL8f1qUCW0gYTRQ-_2P1mR94JulbA-Ajm7Eqp-0-940wlrOuYdhbDmv2iGTkkg

Redirect headers

CF-RAY: 83fb46be8e8c71c1-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 03 Jan 2024 12:34:30 GMT
Expires: Wed, 03 Jan 2024 13:34:30 GMT
Location: https://www.japanesesmileyface.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o44TeMVxmAfZ0oPJr5YHfAxAn3MBkFtLiynycmI3sbN14p1cDR949Ud9bspKZSfTUv6ZQk7AuAAA6Ylbx1a8EbltGf4THtxC6osjOZH5x7aoWgU35UbzT4%2FqIZJw7bo7m2Y2y4QKqKJ%2FYe3Ytq1ZvzwLBHFgZaULug%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
www.japanesesmileyface.com/ 9 KB
3 KB 27ms
26ms Stylesheet
text/css 2606:4700:3032::6815:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.japanesesmileyface.com/style.css?ver=1.1
Requested by: Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:e87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2992ac734f6105027646a032c64bdefedd87ceb85175b531ccfa044995eac2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2748
cf-polished: origSize=11767
x-guploader-uploadid: ABPtcPq6nv9jtS-Va7KX9vbSDI9bC6krxDBnbUz1r4e67GSf8glDpwuUsVeIdDeUbuJSbUayw9M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 15 May 2021 09:31:22 GMT
server: cloudflare
etag: W/"99dbc738dfa1cdef1e5e836be1625b1b"
vary: Accept-Encoding
x-goog-generation: 1621071082498811
content-type: text/css
x-goog-hash: crc32c=VBkoyg==, md5=mdvHON+hze8eXoNr4WJbGw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbGNDg2sL6Yl2lC79IIrLVPaTNDm13w1glUcrZTGHgRa9UcHLJ35zP7KcJuv83l2ohUa4QlxcsYOsvSOgHq2FvnPwuWT%2FVAjUhu86iClqvos06drYlc8fbJxDbRZsCIVlvtnx%2B%2BgHuWbAUZctK6mhuJzLq21Q6eSPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 11767
cf-ray: 83fb46bf49ed6f24-CDG
expires: Wed, 03 Jan 2024 12:23:02 GMT

GET
H2 200 email-decode.min.js Show response
www.japanesesmileyface.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
19ms Script
application/javascript 2606:4700:3032::6815:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.japanesesmileyface.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:e87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9ZkDrXqT1Mx18cwx3goNLfqvOOzLOWVR3FmfukWa3FKzpsXSNOvFhV4g2tVtf25KqiZxQdqYPdmpagL9gPFRgl1CHYwA3GJgaBfTIvtDqfLhnAw7TR54ZPvT4gAzRFAw54e%2BBmRTP%2FkDLPR%2B0WurzMqu1WPv0zfzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 83fb46bf49ef6f24-CDG
expires: Fri, 05 Jan 2024 12:34:30 GMT

GET
H2 200 rocket-loader.min.js Show response
www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 21ms
19ms Script
application/javascript 2606:4700:3032::6815:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:e87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWkEP25D%2BuQPWX1qnKfgxErK85kD2jFdAolWSSfDlMZKC3j5wbHIl426VB2WnUFT8G%2BnnFPeHLE3o3%2FA4BivwMJJoui6ASkuKTezOwMNtMHjx4MGQqSUp3lfOjcNBUizVGY3Nz6SVLlwfyWEhnCjEWz5GntSKVTELQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 83fb46bf6a286f24-CDG
expires: Fri, 05 Jan 2024 12:34:30 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 62ms
40ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.japanesesmileyface.com/
Origin: https://www.japanesesmileyface.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:30 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83fb46bf8fe09279-FRA

GET
H3 200 scripts.js Show response
www.japanesesmileyface.com/ 4 KB
2 KB 33ms
32ms Script
text/javascript 2606:4700:3032::6815:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.japanesesmileyface.com/scripts.js
Requested by: Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:e87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c7eaad3be5797cf35efe06e7d9312ef00786dd686a88915bf6d41c1a307b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2706
x-guploader-uploadid: ABPtcPpTE7F-B2isyxX_UXbalmf9OROGujzvm23HwAXduAzylwg5bmWlI8U2CZ_vYbg4MR6s_a4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 27 Dec 2020 16:50:16 GMT
server: cloudflare
etag: W/"6a7c8417cea0ecf44641c4987c7e7a93"
vary: Accept-Encoding
x-goog-generation: 1609087816501493
content-type: text/javascript
x-goog-hash: crc32c=fPVd9A==, md5=anyEF86g7PRGQcSYfH56kw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BEhF8FO0aPBfuRKlqe1cq0ZCZl5ImzeVZ4uAqMW4Cqag%2B5nHPV8iLDdwUH22NmTmx6cquwQHqltC7yV13j%2BfcyiFTxVCbjaWcS4JC4fW5kzCmR7FBpawzRwFMO9N85s0yKsoGbbgBlMgJpj%2FeDIBMVsqdidOey6dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3718
cf-ray: 83fb46c05ce86fc0-CDG
priority: u=1,i=?0
expires: Wed, 03 Jan 2024 11:50:12 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
934 B 38ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1705604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 591
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYVcpiraPCrPYUsj5Nj8qs84JwpeC1pKc8J%2B88uLAGxlP%2Fu9qdxSF5Sbekmqy8SZwtOEVnAHxQCOkOqBmj2U4ETfRm2rUK%2F2eDZfry1DpI8hgxpVy%2B8XpRUgq7PM%2BOVW6FB%2BRB4RCGDeDCaRd6IuzdSm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fb46c06de103a0-FRA
expires: Mon, 23 Dec 2024 12:34:31 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 35ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2880958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOierJGHDR6%2BEMFIclXSMibQpeSB4JhQ1KUg%2BPBfxi6f2WY%2FGj6svAcoSF0kh296wJHHig0GOgAAYiyUL3RWtYKNAK0X4z5o0kRtQ%2BnGee0AqIqgLgNhOFeL9pcSe3f6badfIkQItFCZtKD9GGaXDC55"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fb46c06ddf03a0-FRA
expires: Mon, 23 Dec 2024 12:34:31 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 14:16:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 132ms
92ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab23e96e5c3e457872aa0a30869a8ba2effef0148bec91a5fe102f59c9a78dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51551
x-xss-protection: 0
server: cafe
etag: 12518219144668612478
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 103ms
66ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6912414093038358

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0453b5ae10fa576c95619caa4c47c047faab17119c6f970ef98f258e5273373f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Origin: https://www.japanesesmileyface.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51555
x-xss-protection: 0
server: cafe
etag: 3247581274179292932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 71ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-178390608-1

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52e1f9dc61c160aadb2877e87b863375dd7362aaf21bbefaa4846009e8472ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68996
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 12:34:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N4F8SC6X92&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178390608-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b8dab46535b54671a86c044684c2b65cb466dfaccb96348841edbf4f0473211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 12:34:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 80ms
27ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178390608-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 11:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4326
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 03 Jan 2024 13:22:25 GMT

POST
H3 204 rum Show response
www.japanesesmileyface.com/cdn-cgi/ 0
149 B 22ms
22ms XHR
text/plain 2606:4700:3032::6815:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.japanesesmileyface.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:e87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.japanesesmileyface.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.japanesesmileyface.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83fb46c13e1f6fc0-CDG

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6912414093038358&plah=www.japanesesmileyface.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6912414093038358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90ec29ec2d1b1696645bb99691e88ef42d64ef16e56d06216280be48bcd03918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 79795976546120813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:31 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame F1E6 9 KB
4 KB 91ms
18ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6912414093038358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 13:49:38 GMT
etag: 5585625838579639069
expires: Tue, 16 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 82ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N4F8SC6X92&gtm=45je3bt0v9134926511&_p=1704285271089&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1885164260.1704285271&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704285271&sct=1&seg=0&dl=https%3A%2F%2Fwww.japanesesmileyface.com%2F&dt=%E3%82%B8%20Japanese%20Smiley%20Face%20(%E3%83%84%E3%82%9A)%20-%20%E2%96%B7%231%20Copy%20and%20Paste%20%E2%9C%85&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=787
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4F8SC6X92&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.japanesesmileyface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
262 B 76ms
22ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N4F8SC6X92&cid=1885164260.1704285271&gtm=45je3bt0v9134926511&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4F8SC6X92&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.japanesesmileyface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 94ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N4F8SC6X92&cid=1885164260.1704285271&gtm=45je3bt0v9134926511&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=198943656

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
215 B 23ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=244423346&t=pageview&_s=1&dl=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ul=en-us&de=UTF-8&dt=%E3%82%B8%20Japanese%20Smiley%20Face%20(%E3%83%84%E3%82%9A)%20-%20%E2%96%B7%231%20Copy%20and%20Paste%20%E2%9C%85&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1622871654&gjid=756177798&cid=1885164260.1704285271&tid=UA-178390608-1&_gid=1438249281.1704285271&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1512176366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.japanesesmileyface.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.japanesesmileyface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 23ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-178390608-1&cid=1885164260.1704285271&jid=1622871654&gjid=756177798&_gid=1438249281.1704285271&_u=YADAAUAAAAAAACAAI~&z=397253300

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.japanesesmileyface.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 Jan 2024 12:34:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.japanesesmileyface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D30B 320 KB
79 KB 629ms
628ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&adk=1812271804&adf=3025194257&lmt=1658423019&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271254&bpp=14&bdt=343&idt=257&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5439454602137&frm=20&pv=2&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6912414093038358&plah=www.japanesesmileyface.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e75d293fae446fb8fd492b58c4a4420bd66dd9186ee8bb0281f043b95e16ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80466
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:32 GMT
expires: Wed, 03 Jan 2024 12:34:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
66ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d266261823c5e67c5d479c9da7cc66c353e339ddbef039af9c9ace8afe1ce615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12145
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B67B 118 KB
40 KB 1028ms
1027ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

093cb1c2bf58b9ded163ba025055e775d5866ccaa1d2d2353c35733ba455bc99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40841
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:32 GMT
expires: Wed, 03 Jan 2024 12:34:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 85ms
39ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-178390608-1&cid=1885164260.1704285271&jid=1622871654&_u=YADAAUAAAAAAACAAI~&z=1103799542

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-178390608-1&cid=1885164260.1704285271&jid=1622871654&_u=YADAAUAAAAAAACAAI~&z=1103799542

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF27 143 KB
43 KB 828ms
827ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=2674862366&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271273&bpp=2&bdt=362&idt=326&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=333

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c66901d9f2ebc2b7c23baddf4089a68c732be5687a1327642e0a746245b89ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43530
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:32 GMT
expires: Wed, 03 Jan 2024 12:34:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 334E 36 KB
14 KB 406ms
405ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=4240431096&adk=976199221&adf=4076056445&pi=t.ma~as.4240431096&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271275&bpp=2&bdt=364&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=350

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e9b01efde9d29d7dd881dba1a0d7ea7ac32d73baafdb300cd371a8370bb0a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14595
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:32 GMT
expires: Wed, 03 Jan 2024 12:34:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 159ms
118ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 12:34:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A7F4 13 KB
5 KB 19ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:58:54 GMT
expires: Thu, 02 Jan 2025 09:58:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 17C8 829 B
999 B 30ms
29ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

583ec5f91fa0e83d9515fcc66fae605e4fd37cacf0d702153cc9b16867d5a0c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eZ9Q0EPYB1OqpDbAzDQ5Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-eZ9Q0EPYB1OqpDbAzDQ5Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:31 GMT
expires: Wed, 03 Jan 2024 12:34:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A7F4 39 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 09:58:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 17C8 0
0 49ms
49ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=223879984055069&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A7F4 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-UsrwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 334E 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=4240431096&adk=976199221&adf=4076056445&pi=t.ma~as.4240431096&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271275&bpp=2&bdt=364&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=350

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:57:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 334E 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 334E 194 KB
62 KB 98ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CE8B 207 KB
60 KB 132ms
93ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZVUVwALIUkD58MVAAWAPGLUXiFHN_Egs6k9ag&u=%7Cb811dwwl%2BK7uG5VWcV40NYtXqLfUqnr2SdJ68Cckoy0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoJ8u0kE1bqTFXCLT7Qgme3YiOiC0TY3SwjyAHkMlGQEg_5eNnRYyfiV5PbL_MMTbQzyvNhrvES-BX10A9MdbkkTJtZVtk_zuVumAaRGm-em0N9JpLv_wnK3ka1pQ6w8hRqEeXxyLFt7lMruiKQjwj_ADUXDo6v3Di0ktFwVPg9WjP2iJlM9AJmagyHd2YcqAfmoypnZocBuQt-Pc-T34UGPNPHg_0ErhOFF3d8Kjyv3OvHVZE7Yvpnb4PMsJmn0u8DCSC5iAbLpiEhjJ8M0rnvHRV-oDMlxgTJrJLpEciIjmy3IxK6LmEpal_NsDsMq2z1hqjlkg8Z0RRsp6aP4un-CCwsxiOIVV_FFiw_2mRdmwNMQBVghiSq_bQzrWWGCwMjYI6h1xCZjwaRfh5JrcrjGT4x4Umqb0ypVvm7XBdQVAUlWx-VEspG3x-LNYw17kBWx1G1ZGuQCiPW1q7ik4JQ2ESXqTQ6t5RDrhncOgmL1tORSsuZftlKJr2Xv7Uu4-w7HBk8Er1Et1uFwADIGSPbNf1VkT43SZOqd-MxE1XwSBwikymc7GfSQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0lLRV1SVZcnCLJWGn88PvICWyALJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTEyNDE0MDkzMDM4MzU4yAEJqQILbjh2GmSyPqgDAcgDAqoE3wFP0LEAjZO9CuxJ8S7bq2fVAG2vn-hweo5oxf5subV1tOyVxu2zZVERbq0l0gDFWyrqnKEUyPdZ2a6AsFoTiq6kV6as9gjbaWWfYYHLIghvoMMdG61fgG6j7VfsmE19aTFPtmqaH3y7cwxCxLxZnz1xzDwE-ZvsPkx64ZsBFZ2c2R2ekMlmpvGhwfhkTwljz5HtdWXBNdYEoDX43d4iko9YWD_0bZu84srJkIzB0soBDLyZ2pS0dZm8EaxMWSbBW-pZSpGYFBdXBIOog0-jHF8SHceOZLoaYsGjOW0G6QmZgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOqH2rGdwYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XO80v1xuEFOleZGa53U1aVGIr_A%26client%3Dca-pub-6912414093038358%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7d957e13d32b2a6038d755f5df44e90b08bbdc90eccb7f27c995e130725a7376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:31 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0bqrIaJw8dBvu3piDhTLl7SjuPMZmDqkRjG9r4lUAOXxQyzCRFd650GoGQtmzn641r0nRSkLab9-t3e97hM9NRNyu09UBJu1Ql9nrQuFLnNgKJNJ3mL9EHR0Oi5xkD3E_94KwtpkBc3_eiEwL5EAoVXZruwG3xpjPgzuiQE6jwfrI17QLl4kTkYd0ftiu-wKb3YOPTu0m1ZWzVGh2rnlUw8Shof1N6EQ1irYmJd2d6whF0LrSJ1Bx4L7Ze1QIVl1XUNGlw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69598076
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 334E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5bdde39e3bcfe0705c8bb2b01e9afb55a82df04ce33d61cb4542c853f604dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CE8B 2 KB
1 KB 64ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZZVUVwALIUkD58MVAAWAPGLUXiFHN_Egs6k9ag&u=%7Cb811dwwl%2BK7uG5VWcV40NYtXqLfUqnr2SdJ68Cckoy0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6IhKYyRysqoJ8u0kE1bqTFXCLT7Qgme3YiOiC0TY3SwjyAHkMlGQEg_5eNnRYyfiV5PbL_MMTbQzyvNhrvES-BX10A9MdbkkTJtZVtk_zuVumAaRGm-em0N9JpLv_wnK3ka1pQ6w8hRqEeXxyLFt7lMruiKQjwj_ADUXDo6v3Di0ktFwVPg9WjP2iJlM9AJmagyHd2YcqAfmoypnZocBuQt-Pc-T34UGPNPHg_0ErhOFF3d8Kjyv3OvHVZE7Yvpnb4PMsJmn0u8DCSC5iAbLpiEhjJ8M0rnvHRV-oDMlxgTJrJLpEciIjmy3IxK6LmEpal_NsDsMq2z1hqjlkg8Z0RRsp6aP4un-CCwsxiOIVV_FFiw_2mRdmwNMQBVghiSq_bQzrWWGCwMjYI6h1xCZjwaRfh5JrcrjGT4x4Umqb0ypVvm7XBdQVAUlWx-VEspG3x-LNYw17kBWx1G1ZGuQCiPW1q7ik4JQ2ESXqTQ6t5RDrhncOgmL1tORSsuZftlKJr2Xv7Uu4-w7HBk8Er1Et1uFwADIGSPbNf1VkT43SZOqd-MxE1XwSBwikymc7GfSQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0lLRV1SVZcnCLJWGn88PvICWyALJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTEyNDE0MDkzMDM4MzU4yAEJqQILbjh2GmSyPqgDAcgDAqoE3wFP0LEAjZO9CuxJ8S7bq2fVAG2vn-hweo5oxf5subV1tOyVxu2zZVERbq0l0gDFWyrqnKEUyPdZ2a6AsFoTiq6kV6as9gjbaWWfYYHLIghvoMMdG61fgG6j7VfsmE19aTFPtmqaH3y7cwxCxLxZnz1xzDwE-ZvsPkx64ZsBFZ2c2R2ekMlmpvGhwfhkTwljz5HtdWXBNdYEoDX43d4iko9YWD_0bZu84srJkIzB0soBDLyZ2pS0dZm8EaxMWSbBW-pZSpGYFBdXBIOog0-jHF8SHceOZLoaYsGjOW0G6QmZgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOqH2rGdwYMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XO80v1xuEFOleZGa53U1aVGIr_A%26client%3Dca-pub-6912414093038358%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CE8B 2 KB
1 KB 67ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CE8B 308 B
636 B 54ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CE8B 293 B
621 B 54ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CE8B 43 B
348 B 82ms
24ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JhphaVpK7UNOzZVT8RZfYtdX4rChznOdqZnSIcGvPZkBgjwQdPcHHmwfWYKWr2iJTnhNaKsq4S3ARNKmG6Z5Z13AGUGChfWoQv7AVOtjeCh9Kl5_8Kpq-OjEWL6CVR7cfM0BDcdA2Q93D7RuXdI_RwHY3zPKRmOqWNVPgHK030VLEmdoo7kONILRHCFd-_4y-kbNeZoNK8KMqyoUrbwI1A4oEWvUzucPbzcBHh45izBfTOdIiEhI0K3IEPpS-qNCuMHMfnIQh75zg028pQm08KB9gEMSxWqVGfDFvrHfRLL60VYO97JYL8j5nvL9FK18gPR6pXkdaAa4EkRujWmLtJnLv8pQIoJ-Ysu8iYn1aoy66arqz-Ub4jlng9GBY2X91CPfPgkYaV7ReNhNQu_UzG5RJ-8M_EA4iFUKI0jYJaSG-99d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1705549
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CE8B 12 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2870672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAv3fv2zJoXTMhTTqbT9rPo0%2BBWaTGGHd1HW4uZL6RF3LLc5eGRpbFBkEbetF%2BvgSerT1hssQPc5Dcx1QOy92qKNC0lqjr7SmLZc9nrNc4ijlGYwnkftSR0QFuvqO4b7sr%2Ff%2BMYQ9Z7FT3sjLEuWKs%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fb46c79d2003a0-FRA
expires: Mon, 23 Dec 2024 12:34:32 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CE8B 12 KB
6 KB 62ms
35ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame CE8B 46 KB
46 KB 84ms
50ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame CE8B 38 KB
38 KB 117ms
83ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 13 KB
13 KB 186ms
87ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5193633%2Fe67df1b4f160448182e75ba3f8786477_logo_n_horizontal.png&v=3&w=528&rid=4&s=tMMfQSTQ-5E_G_yKeW56X2aD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

09307bbc4d1d424f244c512e00bb478f616a3f664ae2d1bb3f744faf2c853f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12921
expires: Sat, 14 Dec 2024 09:48:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 103 KB
103 KB 190ms
92ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5158051%2Ff7aecaf565bd4e1983d6cf408da134c4_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=7mgRVQv6GGiV-VFRjXlFdi6D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

452a6ea0f26754308eecfe205968b5da30664b8fe246b27ccc5035f9bd46166e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 105526
expires: Sun, 08 Dec 2024 16:07:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 13 KB
14 KB 185ms
86ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1695026767%2F23081350-pPHR7j14.jpg&v=3&w=400&rid=4&s=fHXO0cbyhB98O-tPJjvRHFUw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f74bf7263050236f11883a5b9223f655ad9bd1b3e7510749d1359ee11850d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 13796
expires: Fri, 05 Jan 2024 06:59:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 38 KB
38 KB 133ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1697442970%2F23080682-M6K3ib9U.jpg&v=3&w=400&rid=4&s=nA-JgSI0GOQeZVNyIM7J8jz0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1918823919f7d53899472a7a00fa6a73769e360171468c23d1720382c2eb8224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 38974
expires: Sat, 06 Jan 2024 10:56:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 37 KB
37 KB 161ms
63ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1697442863%2F23080693-TbpQbYyU.jpg&v=3&w=400&rid=4&s=Mapf1V_u4Ovx-wWddcJqMbp6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e670b690ebcf7f7b72df0a1af4add67651c0d011c9908457ac9ddcae50a86c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 37680
expires: Fri, 05 Jan 2024 07:07:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 36 KB
36 KB 186ms
88ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1697095097%2F23189166-9l9tXkZi.jpg&v=3&w=400&rid=4&s=xwS_OKTuW8mYZ84JMHix1MVF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bf2aa4deb5a050caf8be7bee8a16689901412775a9378a703bce91b772788f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 37068
expires: Mon, 08 Jan 2024 07:53:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 25 KB
25 KB 63ms
55ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1647588677%2F21260529-I6VSZ6t7.jpg&v=3&w=400&rid=4&s=cM7D2XfFFYE8BszAt9venfPx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

28a2c98d51211ceb352ee4910835764201d1fab173a261b6e60f57afb0411bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 25678
expires: Fri, 05 Jan 2024 18:55:22 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 354 B
567 B 66ms
59ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&rid=4&s=u4d8gANmsyX95m5QENytTHgL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cfb9ab1e326d1a30bb341a4d74db9b750c6c4aebb6304ad1264b1761c6b280d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 354
expires: Sun, 15 Dec 2024 18:04:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 15 KB
15 KB 65ms
58ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1702990437%2F21300290-8z5Sd30T.jpg&v=3&w=400&rid=4&s=PRpfVQ_xDGQB4e93UrwH_6cu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6c79dc95481593b76c941133ebae36f18960a9017a4be5046de282aec271836d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 15058
expires: Wed, 10 Jan 2024 06:49:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 10 KB
11 KB 64ms
58ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1695377521%2F23091746-ZspLRtfp.jpg&v=3&w=400&rid=4&s=ZJf3KQ5LzmzoiqSjkIgfBr0Z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

af296f59d1316c26d0e92ca227ceb23bf4764f1186d59fa176c899fcd4a45533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 10654
expires: Fri, 05 Jan 2024 13:28:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 7 KB
7 KB 69ms
62ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1663156279%2F22201017-ypPlreG9.jpg&v=3&w=400&rid=4&s=md5rq687Q_1gYYebmUZbVKug&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7987f90d18c3ec602ba45e01b27be83d6e6cc4d1720218244f440baa8db8b3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 6858
expires: Fri, 05 Jan 2024 15:40:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 9 KB
9 KB 68ms
62ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1574074597%2F19305485-rgS6irBO.jpg&v=3&w=400&rid=4&s=7rCeOGUmZuU4e0Ay9mMnCeER&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0ece8a954f0b636dc29457ccd9c5439fbfb8114fda5da158255dc95d4c642ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 9286
expires: Fri, 05 Jan 2024 13:10:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 15 KB
16 KB 77ms
71ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1645172413%2F21260537-eI2y00SM.jpg&v=3&w=400&rid=4&s=X_C9U-ZJqHyTY0AKSh3u_wmr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

72489a288c3e135b44c2d14efa91a8782f185b3ce64466821835de89470d13c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 15736
expires: Mon, 08 Jan 2024 16:20:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 36 KB
37 KB 74ms
68ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1652956008%2F22091562-eYVAhBRO.jpg&v=3&w=400&rid=4&s=parUDTFLPq_mvRev2dfoskq4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cfb0a1ae5ac491b9057b861de7f66cf4c166cd9e494c327700c5bc0825ac737e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 37278
expires: Fri, 05 Jan 2024 13:11:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame CE8B 16 KB
16 KB 72ms
67ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1562152446%2F18384465-TMC6UENd.jpg&v=3&w=400&rid=4&s=uhZVVuYvqu3s-rBU0rtwXAM1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

179a8680629080abd80b70116942f200118cd8e1cca390c1074eebe605ce9da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 16610
expires: Fri, 05 Jan 2024 14:34:01 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CE8B 0
128 B 91ms
28ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=0bqrIaJw8dBvu3piDhTLl7SjuPMZmDqkRjG9r4lUAOXxQyzCRFd650GoGQtmzn641r0nRSkLab9-t3e97hM9NRNyu09UBJu1Ql9nrQuFLnNgKJNJ3mL9EHR0Oi5xkD3E_94KwtpkBc3_eiEwL5EAoVXZruwG3xpjPgzuiQE6jwfrI17QLl4kTkYd0ftiu-wKb3YOPTu0m1ZWzVGh2rnlUw8Shof1N6EQ1irYmJd2d6whF0LrSJ1Bx4L7Ze1QIVl1XUNGlw&sds=2&rev=89863&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 12:34:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CE8B 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CE8B 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 28 Dec 2024 12:34:32 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

845f85e1514e9daf9bbdce8848cfb2291516fd1c08b33b5442866771fdcae064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56013
x-xss-protection: 0
server: cafe
etag: 12003103348929325532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FF27 2 KB
975 B 91ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=2674862366&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271273&bpp=2&bdt=362&idt=326&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=886&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 10:46:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FF27 2 KB
822 B 27ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FF27 23 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FF27 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:57:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FF27 20 KB
8 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF27 194 KB
61 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame FF27 37 KB
16 KB 101ms
24ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 13:56:43 GMT

GET
H3 200 3878167668259989478
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF27 17 KB
17 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/3878167668259989478?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adccaca3270a297ed9680793974ab97b50241614435626d83f9605fa0a74dd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 09:29:19 GMT
date: Tue, 02 Jan 2024 09:29:19 GMT
x-content-type-options: nosniff
age: 97513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17776
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:26:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 16338707034244700616
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF27 330 KB
330 KB 49ms
48ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/16338707034244700616?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d925fbe255416b8e388d01caf8efa6b9f98b75f8a0c66db6b7f05aee815540a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 31 Dec 2024 21:57:30 GMT
date: Mon, 01 Jan 2024 21:57:30 GMT
x-content-type-options: nosniff
age: 139022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338139
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:25:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 398295607869204523
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF27 7 KB
7 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/398295607869204523?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb13c3ca397e81129cd375ec854b0fd96b99df15e9c3d2bab4f8423b0ad235be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 28 Dec 2024 22:36:43 GMT
date: Fri, 29 Dec 2023 22:36:43 GMT
x-content-type-options: nosniff
age: 395869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7144
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:26:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1755616910531170764
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF27 17 KB
17 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/1755616910531170764?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bd68ebd35e57e1457f5557f9826402fb3c9ce8f329cac026491b6b38917db32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 13:47:31 GMT
date: Tue, 02 Jan 2024 13:47:31 GMT
x-content-type-options: nosniff
age: 82021
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17727
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:25:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 306726850402652757
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF27 58 KB
58 KB 48ms
47ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/306726850402652757?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec573a330c5389b1106dbc193c79cbe8fd434f273f6ac388220f595068131cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Mon, 30 Dec 2024 11:20:01 GMT
date: Sun, 31 Dec 2023 11:20:01 GMT
x-content-type-options: nosniff
age: 263671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59415
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:25:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

16552660500660740142
tpc.googlesyndication.com/simgad/ Frame FF27
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODA9eDLfxDQBRjQBTIIzyMKdqCLFQ0
https://tpc.googlesyndication.com/simgad/16552660500660740142

68 KB
68 KB

28ms
27ms

Image
image/jpeg

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16552660500660740142

Requested by

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3444768eebd17aba32dd3fcc9b73ade9c46b0c3a64d77fcc37b3e2a371fd68e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 01:57:19 GMT
date: Tue, 02 Jan 2024 01:57:19 GMT
x-content-type-options: nosniff
age: 124633
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69226
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 10:55:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Wed, 03 Jan 2024 09:31:31 GMT
x-content-type-options: nosniff
server: cafe
age: 10981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16552660500660740142
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 02 Feb 2024 09:31:31 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 7ABB 9 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 04:17:07 GMT
etag: 5585625838579639069
expires: Wed, 17 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 4BA6 9 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.japanesesmileyface.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 04:17:07 GMT
etag: 5585625838579639069
expires: Wed, 17 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=223879984055069&bg=!BAelB0jNAAY3kmNgF5I7ADQBe5WfOOtyGtJWmhdSg6rviGc4WadAVhqKaAfQB9fFqcHtUwAvsjbAz5HlLrj3JSLbGlMTAgAAAFxSAAAAA2gBB5kC-PL8LXj6ilvNoxtUIB2m-PRjBpuhn6A_8ZRqry04H2kKPCJtGJTwNw0jZ4YMU8KxsQGUGN14ZypI-Ljr3o67bZ3NyFoQNKOb00b-r5dJNNcnx8W7rQxO4qsLMj6FtRGb1uyO4t7YRCZLBbLWlUmyqp3zDzpMMES_i6JDQzxudDs7b7GBgn_LmUO-yPBqKxeKwckPdgI4zl2CqFBgXHbZ7Wkc_Tp9qy_khrxbxK7UYPnIjk_G9eFhzR9PYhLZBtGej-jymYKtTPlQ2IJd1GItYUVgWKLYJcTr_L0i5fp2keIbGPidwNp1cpsB2VSlre3qj_Q3hjQdsRGUpMnwf8FDP-K7lX0DJq-U72rGn_vbY7dk-636XCZZNrFsnoTIi75dl-OqNtz-L7wGoc0sAd-9N6rHMC4EpVTeII0JORbNaYJ3JaWPaXcx2oTUtQCZCX8L77uqWw_z43sjxhSmBMsEuzQgufdQzLnqpBc1ZxPLHtTGm5x7VQKDNlPDrZR6irlakjeIjTXWbp4TFF8-QYWDL1-JIVNLyhBZCA3olxHKiX8O9OzECvBmSgkDdG7EsTVnWERX-cLytqHD83DjXze-H9x_4Zm3v3mHgrMmJJcnPRX5p_KeoAHn07qEe4WklLmumNc4b9YYaG6ZMkIzPFUBSbdGBD3RgdSymGzckFlIqBa59n_ofTUJKtAUKU21_HC1XGMEZhq2FGhiujUJX3LzdU5lIzi7Q2RY0tKLhqo7sBtFUSrLQ3zl2dYyVFGZMmP1UAZhjjUmaCkUPxZSAFgo5-UHCeEWbXWMq7kyBCbUSgJzxhjBab4mVJ73l6IdT025tPBh9VYeNrvkEiDuXe9glDBbuJH2TKBGOc6od3hhUXnKo2Apf8YRMNFbc6xEeYn4bRag3t1OxfJium8Q4XwVcTrI7Pqp1SlEGH12budLdXhGpKXsuWAQiUP3e3FSXwNUU2euaV5RZZBorSHRQZv_WFY-tzD4-_rTAKQ_0Xkx9uP4-QFF56nXu4I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.japanesesmileyface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 334E 0
23 B 71ms
70ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDSaSV1SVZcnCLJWGn88PvICWyALJntKxXM2G49aTAcCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02OTEyNDE0MDkzMDM4MzU4yAEJqQILbjh2GmSyPqgDAcgDAqoE3AFP0LEAjZO9CuxJ8S7bq2fVAG2vn-hweo5oxf5subV1tOyVxu2zZVERbq0l0gDFWyrqnKEUyPdZ2a6AsFoTiq6kV6as9gjbaWWfYYHLIghvoMMdG61fgG6j7VfsmE19aTFPtmqaH3y7cwxCxLxZnz1xzDwE-ZvsPkx64ZsBFZ2c2R2ekMlmpvGhwfhkTwljz5HtdWXBNdYEoDX43d4iko9YWD_0bZu84srJkIzB0soBDLyZ2pS0ddu-MD7Myvb8_Tp-kB24_bNZI4keiWG7nuvaIGF826Q2ellprU3vgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOqH2rGdwYMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY5MTI0MTQwOTMwMzgzNTgYAA&sigh=mQRKmITHHz4&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_lJB14dnqNZOegQbYyUvxbBWoxZdApyvFVxkEZbaIgiFs55KoGg5S2GlI1hcxcIx3E_2SogooC07wnSm9qyUu87a2DCCcUGN8uhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=4240431096&adk=976199221&adf=4076056445&pi=t.ma~as.4240431096&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271275&bpp=2&bdt=364&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=350
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 Jan 2024 12:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 334E 0
126 B 119ms
29ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMz6RLAJmAKdg2ICAgAAAC1L-QQqI1sieNEI2BBXVJVl2NmxYW8EbgAruAAAEgAACgpBUVVCQVFFQkFR&wp=ZZVUVwALIUkD58MVAAWAPGLUXiFHN_Egs6k9ag&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:31 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 127991
server: Kestrel
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame B67B 2 KB
639 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:25:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B67B 2 KB
822 B 47ms
46ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B67B 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B67B 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:57:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B67B 20 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B67B 194 KB
61 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame B67B 37 KB
15 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 13:56:43 GMT

GET
DATA 200
OK truncated
/ Frame FF27 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ea8eba648e13a35160f381731fc8f71174dad01944882a9d31c9bacb17fe37f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame FF27 20 KB
21 KB 130ms
74ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 10:23:28 GMT
x-content-type-options: nosniff
age: 180664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 10:23:28 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7ABB 4 KB
671 B 57ms
56ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 10:40:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7ABB 205 B
520 B 48ms
46ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 22:18:58 GMT
x-content-type-options: nosniff
age: 396934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Dec 2024 22:18:58 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7ABB 604 B
696 B 49ms
48ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 21:31:42 GMT
x-content-type-options: nosniff
age: 226970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Dec 2024 21:31:42 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7ABB 16 KB
7 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 03:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 03:25:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7ABB 22 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 02:25:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4BA6 23 KB
9 KB 84ms
79ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5CC6 143 B
166 B 79ms
75ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4BA6 3 KB
1 KB 86ms
81ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:57:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4BA6 20 KB
8 KB 85ms
80ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H3 200 11122804780527645061
tpc.googlesyndication.com/simgad/ Frame 4BA6 47 KB
47 KB 88ms
82ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11122804780527645061

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ac9e96103c018515a77e8827889d2e5803d1f9dd29924486d8934b6ae30119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 21:59:47 GMT
date: Wed, 27 Dec 2023 21:59:47 GMT
x-content-type-options: nosniff
age: 570885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48401
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 15:14:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BA6 194 KB
61 KB 105ms
100ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4BA6 36 KB
15 KB 86ms
81ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 13:49:15 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame B67B 18 KB
18 KB 213ms
53ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSJSifVBriqDBOJB1ufoYDRHPpRwLqljWdqlv6i20Q6Me6D_Rt5ET7aac_qbw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69199e1c1f8f41e43055291b3a24188ea5bd90899ab240fe8957d05170779b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:48:06 GMT
x-content-type-options: nosniff
age: 121586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18041
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:41:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 01 Jan 2025 02:48:06 GMT

GET
DATA 200
OK truncated
/ Frame B67B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72779f9a5e02aeb99796c6bde1edc8d07ef8367c6db74b940c07ba25770a19a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FF27
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca80dV1SVZYKkK8-sn88Py6Oa0A-DiYP8coeD6Z39EcOestHrARABIJPr3XtglYKAgLQHoAH8qP7MAcgBCagDAcgDywSqBPUBT9C7UOLHAmnI1xNtJbRcD4fObUZcfOT48i5QBZbJv3lzQk3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225583551329608183316%22,%22debug_reporting%22:true,%22destination%22:%22https://mixfriv.com%22,%22event_report_window%22:%2...

0
0

83ms
49ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225583551329608183316%22,%22debug_reporting%22:true,%22destination%22:%22https://mixfriv.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22429888636%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212219166655958531969%22}&andc=true

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5583551329608183316","debug_reporting":true,"destination":"https://mixfriv.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["429888636"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"12219166655958531969"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Jan 2024 12:34:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 Jan 2024 12:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5583551329608183316","debug_reporting":true,"destination":"https://mixfriv.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["429888636"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"12219166655958531969"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 3653 14 KB
1 KB 78ms
78ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:16:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3653 2 KB
822 B 68ms
68ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 3653 23 KB
9 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:50 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 09D8 143 B
166 B 63ms
62ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3653 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:57:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3653 20 KB
8 KB 66ms
64ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3653 194 KB
61 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 12:34:32 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 3653 37 KB
15 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 08:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 22:18:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 08:12:43 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame B67B 20 KB
20 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 10:23:28 GMT
x-content-type-options: nosniff
age: 180664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 10:23:28 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame D475 51 KB
19 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Dec 2024 12:51:06 GMT

GET
DATA 200
OK truncated
/ Frame 4BA6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3838d1697f69c479fd8f58b0b12f86a5eb7fae3554636874c232b37c47e5f5af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4BA6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CXc9dV1SVZeGkKdfLn88P5fae-Arc4KbqdLmVrIKdEvvz9P0IEAEgk-vde2CVgoCAtAegAYa52f4DyAEDqQILbjh2GmSyPqgDAcgDyQSqBN0BT9Dafha_Uo_nHJ7IeNZ0ZK4Lp3B6xJGAlh6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211329402005417829310%22,%22debug_reporting%22:true,%22destination%22:%22https://welthungerhilfe.de%22,%22event_report_wind...

0
0

49ms
49ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211329402005417829310%22,%22debug_reporting%22:true,%22destination%22:%22https://welthungerhilfe.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071012998%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223731881049021451169%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11329402005417829310","debug_reporting":true,"destination":"https://welthungerhilfe.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071012998"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"3731881049021451169"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Jan 2024 12:34:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 Jan 2024 12:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11329402005417829310","debug_reporting":true,"destination":"https://welthungerhilfe.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071012998"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"3731881049021451169"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5CC6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
28ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:33 GMT
expires: Wed, 03 Jan 2024 12:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B67B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CfMqgV1SVZaCiKsmF2OMP8Ki24AT6w_eOdcLFlLGrEZWog5beQBABIJPr3XtglYKAgLQHoAH-2Yz8KcgBCakCC244dhpksj6oAwHIA8sEqgTiAU_Q78PCDcNIXysBirgx9QasDa5AZOF9CBx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222867863269675242461%22,%22debug_reporting%22:true,%22destination%22:%22https://glimora.de%22,%22event_report_window%22:%22...

0
0

64ms
63ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222867863269675242461%22,%22debug_reporting%22:true,%22destination%22:%22https://glimora.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211266108670%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22329823564423776129%22}&andc=true

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 12:34:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2867863269675242461","debug_reporting":true,"destination":"https://glimora.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11266108670"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"329823564423776129"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Jan 2024 12:34:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 Jan 2024 12:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2867863269675242461","debug_reporting":true,"destination":"https://glimora.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11266108670"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"329823564423776129"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
50ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 12:34:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame C930 51 KB
19 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=9374946466&adk=2497515388&adf=795461750&pi=t.ma~as.9374946466&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271268&bpp=5&bdt=357&idt=309&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Dec 2024 12:51:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
50ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 12:34:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 50ms
49ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 12:34:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 09D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:33 GMT
expires: Wed, 03 Jan 2024 12:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 12:34:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9660 51 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: www.japanesesmileyface.com
URL: https://www.japanesesmileyface.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Dec 2024 12:51:06 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame C12C 51 KB
19 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 171807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Dec 2024 12:51:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF27 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfx2zQ6ecQ9E1l4vjmejeNnfVaSWgiFZ3kYcNoKRq-L4Lxve0CIitT84-EQqqdBVyjJrRY0nizHOSnB1osHDMMEggbrTK7xsLNGivmd9WefYIPiykz1Bk0wEoZV2Sc3GM9ATaTqYpV-UlySq2pieUpKWww&sai=AMfl-YToDYoQ041-yn6xs3CK6MXZCYmJvQwY8xm6Pm6KEoYiWgwrFDiDfachnWf9zpa0d_cBkD2z6a1McsorVCvRzk9GOp1vxHZgbW24HPiJl6iQRsaZkMwv0E0b5ZqquHHClnglQbDvyaegoDxbPYKqAQ&sig=Cg0ArKJSzPtGOFFUyxJPEAE&cid=CAQSTwAvHhf_0pQ4cs_bKRFvaMG_anq0t-gSouXQMv8_AAuft7W8UNru5sKJXBtpYFO44o7omY2EyiBq611F6JZfQHC3OD719lPhmAfCrZ-rDTwYAQ&id=lidar2&mcvt=1003&p=0,0,280,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2497515388&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704285271607&rpt=1301&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B67B 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYi932Wa9GEN2u7FNJlMDle_Z04pUPrcFrB7CvQfYAHTddKfvLuk2UsLq-4KuBAg_AK9UcGwl06LPgXY15dAqnqifs6wxREbTQNa8L5vkr1aX_hBrfAuK30ykn8oFPPF8coJ5fWkOnrJd-avPFhN1v1cF6&sai=AMfl-YQAIJvY-6Y20OeaABPEPb9Ijv3WNqA8z04F4DtA-h_Kbu29jSS8pt7q_Ytkn_hvrTFjBjEuGbtuIyO5DIg83LbOJ1UmPgGbEbP01S4VJ7rTAE0f8Lzs-6e5G7-HlD4rBBzNKECFHnnSJlXXBPv7&sig=Cg0ArKJSzGt2p3s1bbtWEAE&cid=CAQSTgAvHhf_9UvaxHZEFcSbFirEZYJXS-AoE-f2IjpGR3Lg1Igb8ww1ePun5hJF7cdMinQKtMhT3z9LEWtwfYZvNkYFl_XQugkbdcgHOL63DxgB&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2497515388&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704285271588&rpt=1456&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BA6 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR7yq8Yq1yJnKdy-2H1i1Y3mf9TEj31yLx3D5H5rLwUM_yRAAm4cIpKVKL8aM0rY0dWgLxDPStHZNxxwcMJDJW8_HKeN8RsDgICqDzvTJ5rqFMMx-TFTmHfdXuJ8y_SqEuADyNl8BwcI4dKvAqPj8C7czZ&sai=AMfl-YSm4M5bfkvPjPmrscSNSRQzrhwYyO-dWSzPVXkQTaTTSXYe_Sar4slBIg21MYuiKnAWESc0kNILa6GltUazAstzfgddSULeBLuzbcQRaBxa5HxMgMF-7CWeJaO-jH0myC7TJHlb_V8xKE_q1tlyVw&sig=Cg0ArKJSzErs2z9Ii7LEEAE&cid=CAQSTwAvHhf_rd0Ws5Z_on6YAfxGJhU9mTIB_NHKiRnbGGmNekI4yDQpma4wlHAp-OyOcKtJKNLsMxeWKwXWPSI6M2acTNC8hCs39moHxbLBzrsYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=135,730,1000,1088,1088&tos=135,595,270,88,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704285272608&rpt=381&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N4F8SC6X92&gtm=45je3bt0v9134926511&_p=1704285271089&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1885164260.1704285271&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1704285271&sct=1&seg=0&dl=https%3A%2F%2Fwww.japanesesmileyface.com%2F&dt=%E3%82%B8%20Japanese%20Smiley%20Face%20(%E3%83%84%E3%82%9A)%20-%20%E2%96%B7%231%20Copy%20and%20Paste%20%E2%9C%85&_s=2&tfd=6456
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4F8SC6X92&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.japanesesmileyface.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 12:34:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.japanesesmileyface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.japanesesmileyface.com/	1970-01-21 03:00:45	Name: _ga Value: GA1.2.1885164260.1704285271
.japanesesmileyface.com/	1970-01-20 17:26:11	Name: _gid Value: GA1.2.1438249281.1704285271
.japanesesmileyface.com/	1970-01-20 17:24:45	Name: _gat_gtag_UA_178390608_1 Value: 1
.japanesesmileyface.com/	1970-01-21 02:46:21	Name: __gads Value: ID=2469e6ff2ed4be1c:T=1704285271:RT=1704285271:S=ALNI_MYt9C9xBuL_xSHXEmAuNFF1OEz_eg
.japanesesmileyface.com/	1970-01-21 02:46:21	Name: __gpi Value: UID=00000ced3f85e521:T=1704285271:RT=1704285271:S=ALNI_MZstfM2bPPQrJxdygxAZ2XaCydX3Q
.doubleclick.net/	1970-01-21 02:46:21	Name: IDE Value: AHWqTUlX2Sk8GvNSNbM6eK9rAtj9oDfLhVP_9Ji2PZlW0pimiPbhUXgXy-gb-XRO2_g
.doubleclick.net/	1970-01-20 17:24:48	Name: DSID Value: NO_DATA
.japanesesmileyface.com/	1970-01-21 03:00:45	Name: _ga_N4F8SC6X92 Value: GS1.1.1704285271.1.0.1704285273.58.0.0
.googleadservices.com/	1970-01-20 19:34:21	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6912414093038358&output=html&h=280&slotname=4240431096&adk=976199221&adf=4076056445&pi=t.ma~as.4240431096&w=1200&fwrn=4&fwrnh=100&lmt=1658423019&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.japanesesmileyface.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704285271275&bpp=2&bdt=364&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=5439454602137&frm=20&pv=1&ga_vid=1885164260.1704285271&ga_sid=1704285272&ga_hid=244423346&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C95320868%2C95320885&oid=2&pvsid=223879984055069&tmod=571425250&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=350 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ajax.googleapis.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.analytics.google.com
rtb.nl3.eu.criteo.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.japanesesmileyface.com
142.250.185.98
178.250.1.6
2001:4860:4802:34::36
2606:4700:3032::6815:e87
2606:4700:3035::ac43:9f2f
2606:4700::6810:3865
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9b
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
0453b5ae10fa576c95619caa4c47c047faab17119c6f970ef98f258e5273373f
09307bbc4d1d424f244c512e00bb478f616a3f664ae2d1bb3f744faf2c853f39
093cb1c2bf58b9ded163ba025055e775d5866ccaa1d2d2353c35733ba455bc99
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ece8a954f0b636dc29457ccd9c5439fbfb8114fda5da158255dc95d4c642ac1
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
179a8680629080abd80b70116942f200118cd8e1cca390c1074eebe605ce9da8
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1918823919f7d53899472a7a00fa6a73769e360171468c23d1720382c2eb8224
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20ac9e96103c018515a77e8827889d2e5803d1f9dd29924486d8934b6ae30119
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28a2c98d51211ceb352ee4910835764201d1fab173a261b6e60f57afb0411bfa
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3444768eebd17aba32dd3fcc9b73ade9c46b0c3a64d77fcc37b3e2a371fd68e0
3838d1697f69c479fd8f58b0b12f86a5eb7fae3554636874c232b37c47e5f5af
3c66901d9f2ebc2b7c23baddf4089a68c732be5687a1327642e0a746245b89ab
3ea8eba648e13a35160f381731fc8f71174dad01944882a9d31c9bacb17fe37f
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
452a6ea0f26754308eecfe205968b5da30664b8fe246b27ccc5035f9bd46166e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4b8dab46535b54671a86c044684c2b65cb466dfaccb96348841edbf4f0473211
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f74bf7263050236f11883a5b9223f655ad9bd1b3e7510749d1359ee11850d8a
52e1f9dc61c160aadb2877e87b863375dd7362aaf21bbefaa4846009e8472ed5
53e381c986617d412aac6ecbcded6d80a24733b58ff6e66dc59780650b9cdc7c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583ec5f91fa0e83d9515fcc66fae605e4fd37cacf0d702153cc9b16867d5a0c9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e9b01efde9d29d7dd881dba1a0d7ea7ac32d73baafdb300cd371a8370bb0a51
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69199e1c1f8f41e43055291b3a24188ea5bd90899ab240fe8957d05170779b1c
6c79dc95481593b76c941133ebae36f18960a9017a4be5046de282aec271836d
6d925fbe255416b8e388d01caf8efa6b9f98b75f8a0c66db6b7f05aee815540a
72489a288c3e135b44c2d14efa91a8782f185b3ce64466821835de89470d13c6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72779f9a5e02aeb99796c6bde1edc8d07ef8367c6db74b940c07ba25770a19a5
7987f90d18c3ec602ba45e01b27be83d6e6cc4d1720218244f440baa8db8b3b3
7bd68ebd35e57e1457f5557f9826402fb3c9ce8f329cac026491b6b38917db32
7d957e13d32b2a6038d755f5df44e90b08bbdc90eccb7f27c995e130725a7376
7e75d293fae446fb8fd492b58c4a4420bd66dd9186ee8bb0281f043b95e16ea6
845f85e1514e9daf9bbdce8848cfb2291516fd1c08b33b5442866771fdcae064
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ab23e96e5c3e457872aa0a30869a8ba2effef0148bec91a5fe102f59c9a78dc
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90ec29ec2d1b1696645bb99691e88ef42d64ef16e56d06216280be48bcd03918
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6c7eaad3be5797cf35efe06e7d9312ef00786dd686a88915bf6d41c1a307b0c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adccaca3270a297ed9680793974ab97b50241614435626d83f9605fa0a74dd2a
af296f59d1316c26d0e92ca227ceb23bf4764f1186d59fa176c899fcd4a45533
bf2aa4deb5a050caf8be7bee8a16689901412775a9378a703bce91b772788f01
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cfb0a1ae5ac491b9057b861de7f66cf4c166cd9e494c327700c5bc0825ac737e
cfb9ab1e326d1a30bb341a4d74db9b750c6c4aebb6304ad1264b1761c6b280d1
d266261823c5e67c5d479c9da7cc66c353e339ddbef039af9c9ace8afe1ce615
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bdde39e3bcfe0705c8bb2b01e9afb55a82df04ce33d61cb4542c853f604dee
e670b690ebcf7f7b72df0a1af4add67651c0d011c9908457ac9ddcae50a86c9d
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
eb13c3ca397e81129cd375ec854b0fd96b99df15e9c3d2bab4f8423b0ad235be
ec573a330c5389b1106dbc193c79cbe8fd434f273f6ac388220f595068131cfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2992ac734f6105027646a032c64bdefedd87ceb85175b531ccfa044995eac2e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.japanesesmileyface.com Open in urlscan Pro 2606:4700:3032::6815:e87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

97 %HTTPS

92 %IPv6

15 Domains

25 Subdomains

26 IPs

4 Countries

2477 kBTransfer

5298 kBSize

9 Cookies

50 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.japanesesmileyface.com Open in urlscan Pro
2606:4700:3032::6815:e87 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

97 %
HTTPS

92 %
IPv6

15
Domains

25
Subdomains

26
IPs

4
Countries

2477 kB
Transfer

5298 kB
Size

9
Cookies

131 HTTP transactions
4 data transactions