Submitted URL: http://faceitaccount.com/
Effective URL: https://faceitaccount.com/
Submission: On December 24 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 93 HTTP transactions. The main IP is 2606:4700:3035::ac43:b228, located in United States and belongs to CLOUDFLARENET, US. The main domain is faceitaccount.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2023. Valid for: a year.
This is the only time faceitaccount.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
26 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 172.67.73.121 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
3 16 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::63 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 20.114.190.119 8075 (MICROSOFT...)
21 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
6 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
93 15
Apex Domain
Subdomains
Transfer
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
598 KB
27 faceitaccount.com
faceitaccount.com
230 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
129 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
c.clarity.ms — Cisco Umbrella Rank: 1377
x.clarity.ms — Cisco Umbrella Rank: 7265
28 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
55 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
193 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 startbootstrap.com
cdn.startbootstrap.com — Cisco Umbrella Rank: 421890
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
766 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
24 KB
93 12
Domain Requested by
27 faceitaccount.com 1 redirects faceitaccount.com
21 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
13 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 pagead2.googlesyndication.com faceitaccount.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
6 www.googleadservices.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 x.clarity.ms www.clarity.ms
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms faceitaccount.com
www.clarity.ms
2 cdn.startbootstrap.com 1 redirects
2 fonts.googleapis.com faceitaccount.com
googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 c.bing.com 1 redirects
1 cdn.jsdelivr.net faceitaccount.com
93 16

This site contains links to these domains. Also see Links.

Domain
store.steampowered.com
www.faceit.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-15 -
2024-03-13
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 14 frames:

Primary Page: https://faceitaccount.com/
Frame ID: FA8186FC999A6FA7D8FA14AC0942D89F
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: DF305A611DE06EF6D6783291AE1865F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7369860710936848&output=html&adk=1812271804&adf=3025194257&lmt=1703402413&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x810_r&format=0x0&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363291&bpp=3&bdt=394&idt=260&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=280
Frame ID: BF49764F58F69E251966EDFF50CC70D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Frame ID: 4E6616210EAE6A2AC3E5DE329335B471
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Frame ID: 5A1A973A64E9B92AD53E00E645DCF831
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=1141859776&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=399&idt=313&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=315
Frame ID: DF6D34F956B8DAE8C68A57D08DEFCF5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Frame ID: 824E8EB23B09CFBD5BA35B6231BAD9DF
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2101E36570FB60B48DEC59CC2E428A38
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4F270524271AED4843DAE1136EC2B45
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A359CDEAFA1B5924049AA69009F205E0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97746C4187AB05F7B3B4D585E06E04A9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: D6A17E35968127CD405A198690255902
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 114B78F0D85D7811E9E9A4A2B6F46A8F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: B2E985930E0F32C78058FDC4E6241807
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Faceit finder check FaceIt ELO and stats.Toggle Menu

Page URL History Show full URLs

  1. http://faceitaccount.com/ HTTP 301
    https://faceitaccount.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

93
Requests

95 %
HTTPS

75 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

1261 kB
Transfer

3392 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://faceitaccount.com/ HTTP 301
    https://faceitaccount.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://cdn.startbootstrap.com/sb-forms-latest.js HTTP 302
  • https://cdn.startbootstrap.com/sb-forms-0.4.1.js
Request Chain 39
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=82B0638158944DCC99F03F33B09D974D&RedC=c.clarity.ms&MXFR=219B5B6115B2614E3356489011B26FAD HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=82B0638158944DCC99F03F33B09D974D&MUID=1B048E5DC7BA6A4B3FBE9DACC6686BBD
Request Chain 63
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 73
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C4Y47Y1yIZbTAJq7N1fAPlZeH6ATyn7PzdPfv44TdEffV4dH8ERABII6J9p4BYJXikIKgB6ABhtfXvQPIAQKpAnH13JJmerI-qAMByAPJBKoE_AFP0JR5T9gMYX_5pqUU2f7H7tm7qE1o9jPPdEj8i39bCeK7cMPm99jPoxJ0e6FsJotGXHo2NsfUBZqysuLCb7XyK4sLvwvVX1_0PhlvIkf8ryGReUOehl_A1HNi9BayNHcaVWPJCWa_4xiBqCKp0nYmlNnNS8fNoS4U-f3pC1Lal9zTbPm1sT7V8SwHExaK8RijA5PJXYveSfgR-QcaWYwKtHUBnuGI8Hg2icZW8JAVbcU_XgbZsQTSWgjFJTidMPtAVRmVbiQCBkiMoT8jnDqDwYGa2VefQDueXU489V8sOKx50lpyeLAi_oI3_FcnyuzQBiKt9DMovN8VsprABLiTzPS4BIgFuuS5jUySBQQIBBgBkgUECAUYBKAGAoAH4qioQqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPjAAtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY0-L8nb-ogwOaCT1odHRwczovL3d3dy5saWxpZW50aGFsLmJlcmxpbi9sMDEtMDU1LWIwMjNyMjA_dm91Y2hlcj1zcGVjaWFsgAoByAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItMjkzNzkxMjczODgzOTQ2NBgAshgDIgEA&sigh=GIAhUO7nmr4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_GDYwrhzlMOwI3zBMMLyfUtBhrGVWHEVinJBqZ0Fy0fkqHJNNePaiodLB5VtZHJgn-P4FljL9TyBr-t6mapWUxWDFbqORWbPvGWgYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221254140504175104687%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22475981393412094001%22}&andc=true
Request Chain 83
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 84
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CEujpY1yIZdn-JrTF1fAPgJ296A7yn7PzdJ_144TdEWQQASCOifaeAWCV4pCCoAegAYbX170DyAECqQJx9dySZnqyPqgDAcgDyQSqBPwBT9Cm1BkhAFamCIRCb6yfNpJ_MImb2rejKWS65b2v14f3DGWeF7hlfkr5TVtyngG3qtnWasUIGQteG95MadFfXoNXQysiYFQfGjUyP8w5rQEbKFkek6R-ZCeIIdzVxxJlqrpr8gbxg9OQRsof_7X0DTvz7xZyPqaumDUyJrcLbKWN70AnVe6fNkOoEg4O7iyxw6D_Oj4_mm1l7vmxXhLm1RdavYVxi_PwbgZTXXTHSyjyU1rkUv5kDcyQU-iZQ0DLZ0zeQM_u4KVhYXPfxN3tz2ycNZI5-0R24S_FVyQkeW4EEy9fSYWkmHayXwVl1Ti1R3QkSkP6f_VTKz1FwATYlMz0uASIBbrkuY1MkgUECAQYAZIFBAgFGASgBgKAB-KoqEKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCZywLSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLqW_Z2_qIMDmgk9aHR0cHM6Ly93d3cubGlsaWVudGhhbC5iZXJsaW4vbDAxLTA1NS1iMDIzcjIwP3ZvdWNoZXI9c3BlY2lhbIAKAcgLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2BMN0BUBgBcBshccChoIABIUcHViLTI5Mzc5MTI3Mzg4Mzk0NjQYAA&sigh=8WgmfR5OxYs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_vCRRxQw9AENqHc9bfMJtIjHF2-ZVB1sbd6JfPQgkUZEV63KwLhOSd0tSCe-SE-GVLDr_cvn5NBX7voITFeTzqKihwclzoowRlhgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223783046362323493827%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216886753358278292961%22}&andc=true
Request Chain 92
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CW2ahY1yIZdPrJI3a1fAP15e2uAP44__3dNX95t3TEM6lu4aMDhABII6J9p4BYJXikIKgB6ABhtfXvQPIAQmpAnH13JJmerI-qAMByAPLBKoEhQJP0H3ma7Jc3bdcV9pHir59eLHl38W9PnZkhzXAwITUAZituOktANcEf3nCZo8xMJnia1LKYgPjyk-hvgo19I3PjNTvea_8QlaD3pmqSXCkaEmcxBAOTJun_iSXMjdSkItIYKBIgZ_A9hwG7AuhMGZKJcIopMQ-7tSmOeo6OOVyIQCw7846HRxSAI1I0g1EAp8oYc7_w5omel74hatOxF4TOvlGkWh-gOYEIqpaJE6WtXCs4AQYYE1BgbfSDUAUJcj1TW27szpq7QPUgZFr5ZULaMUfA1ExoWfoQ1w6viPLF7rMx197YIELJjROo1Lernyezz0ry8RCoHw6jT5aoRsawhMs6I7ABMCtrPiZBIgFjb2880aSBQQIBBgBkgUECAUYBKAGLoAH4qioQqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIi7B9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-or7nb-ogwOaCTxodHRwczovL3d3dy5saWxpZW50aGFsLmJlcmxpbi9jMDEtMTA4LWIwNDBlYj92b3VjaGVyPXNwZWNpYWyACgHICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxArgT5APYEw3QFQGAFwGyFxwKGggAEhRwdWItMjkzNzkxMjczODgzOTQ2NBgA&sigh=UcLOl5h9gwc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_jky6n2PJV6djXrTE-ZxzX_Cli8waO3H1ja-lPZXumCpIr6D0KpYlFNR6KFT-fczgC1-1PEgeg6fnZ2ib1uw1N2JXZ4niLE0GEGMYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226375710255018270172%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221896249057050334481%22}&andc=true

93 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
faceitaccount.com/
Redirect Chain
  • http://faceitaccount.com/
  • https://faceitaccount.com/
247 KB
56 KB
Document
General
Full URL
https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f55ef4e8e0880dc0370168d6f1999420562dc02cd6e83b556c3f09688899be
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
83aa39083b470e4c-AMS
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 16:29:22 GMT
expires
Sun, 24 Dec 2023 16:29:22 GMT
last-modified
Sun, 24 Dec 2023 07:20:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform
hostinger
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaXM4kbzKPbQk6oemVoJCHVAF2HB5%2B3ORq5yHYHJCWbbYdGWMBjtfPIivF4SZhanACGwfunueNYqXPCbwcC3iOoq13A2K4PDxd5dWbm0wKOoD%2BmvoHAqG7ldWDfand4Qoi1MtoPKmFcM4oNaNmwuNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

CF-RAY
83aa3907cb82b790-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 24 Dec 2023 16:29:22 GMT
Expires
Sun, 24 Dec 2023 17:29:22 GMT
Location
https://faceitaccount.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpfEQBN17EnSgySh7VWssMkSrrEGT76kP3hPesYHvuEG6Uh1NWi7mFvyDO0zy%2FmEUwKS3p5757KHj09u25IwbP%2FKPR54DEMGnNaEokZA3da7aJLAFPAwkLWiL%2BAfeWaFI2z3mcPdnkBSs8XwgoA37w%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
styles.css
faceitaccount.com/wp-content/themes/kadence/faceit/css/
202 KB
27 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/faceit/css/styles.css
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84aef9e5ff9e3c7f93ee52559eb300c26540d391a5f78fedf6e2d91bdc1df5ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
852539
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 Mar 2023 06:15:32 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvqmDEZy44kjaf6e%2BPfvCKnAhZSTeoB2SfdmfMyZfTzDRYKteoyCEL6LbUICGv3THfN71QFnUrF0u8UsJnRevslMCt8Xa8qNX8kzMjYaLrmcBdQk1sL738Dg24DEb7j%2B7rkYb6jPIsxnPnTaS%2FzACg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2de70e4c-AMS
expires
Fri, 13 Dec 2024 19:40:23 GMT
app.css
faceitaccount.com/wp-content/themes/kadence/faceit/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/faceit/css/app.css
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1569a0207938890151c0886960e607b3ed8a88836a10014d391dc33e7498f62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2268007
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 Mar 2023 06:15:32 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWcw8LAj%2B3yf8l2u6UafSyx5mqanOUJUiFEpefPtRaQ9ubijWPvmzopQxajKKGbB8HMvR54y8iT7N8%2BwN48Zrj7oLKMyGqWFYV9r1zUdS%2Bm00LVU1veKKi%2FERlkq%2FTE%2BUcN5kksTv9V0ds%2Bc3LMY3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2de90e4c-AMS
expires
Wed, 27 Nov 2024 10:29:15 GMT
flags.css
faceitaccount.com/wp-content/themes/kadence/faceit/css/
260 B
434 B
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/faceit/css/flags.css
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd44598f061a016a51854f15855a333a18bf2c97f842d7da995ea0e8566c7b4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2268007
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 Mar 2023 06:15:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1A%2BIxQp5wNnPEBnpJQ9Ee0mhQgx2CJUNVLQaQK3ckW9jcqZSpjLysc2EYgQ3PwsdgPiOiDCBzOy5gPnioXGWPv7MpSd5qcUsLZsamRMKshRQ3WOa6UntVnl3daCZITQ6kFtmu1Y%2FPLACWGwPM2Nng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2dea0e4c-AMS
expires
Wed, 27 Nov 2024 10:29:15 GMT
level.css
faceitaccount.com/wp-content/themes/kadence/faceit/css/
10 KB
1 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/faceit/css/level.css
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4da81ba63d1e4839ead234864a23c514f0774ee4e26d8b27d18eb786a5f177c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2163763
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 Mar 2023 06:15:32 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUDPhPGdTrCAk8XolBbM6Jkz9GySmM9NuUw8wy%2B17OxbJrMQANMaHpWeno4vPZOGBTMSR9PncW230R1ASv8X7yWUjM%2FmfiZX62UJFHspOgboEAEixDTo8RniVQ0QI2clknsLdBVGHc5SAAk6br7O1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2deb0e4c-AMS
expires
Thu, 28 Nov 2024 15:26:39 GMT
css
fonts.googleapis.com/
1 KB
853 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3Aregular&display=swap
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 16:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 16:29:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 16:29:22 GMT
rocket-loader.min.js
faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye41tOIvlsYqfiGitFqERUnw5z3v%2FLozcjGSmCGHSCxK4OSBJ1tKG0Bnt6WfTP4QdzfFOhVSSnaN%2FBzvCygIAzmmGPzwe58jxhAhRxWK3MXNm1ThSi%2BzJina8lwR11HM2sZGRG9iwnrj6cZU1JCF5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
83aa390a2dec0e4c-AMS
expires
Tue, 26 Dec 2023 16:29:22 GMT
style.min.css
faceitaccount.com/wp-includes/css/dist/block-library/
93 KB
13 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2268007
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 20 May 2023 13:16:50 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gG68pmfcGmP50iH1I24zqK%2FdjHH9Sf%2F9IYPKNSxa7v%2BbWSms2DnSiKiFjPJsXo%2FD7g3A6xlIof0jbNn6t7tZVGZiO9oflGE9hUh%2B1365M40NOMe7sJB0zFZ4Snk2WeUwb%2B%2BJrcB4bGCj42kt34NeBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2dee0e4c-AMS
expires
Wed, 27 Nov 2024 10:29:15 GMT
classic-themes.min.css
faceitaccount.com/wp-includes/css/
217 B
500 B
Stylesheet
General
Full URL
https://faceitaccount.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2011958
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 15 Jan 2023 13:16:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl9dBMr%2FHAy2nngcFqAeXnAEu9RbN1QCuwDsOSUdYwPyLzAprlClAHrYJn%2BwsaF45Gi9kT70dyc2ZcCq9cuGMjskIlWlUGR%2FEPz5hM24QJzec05%2F5RG0mXQhBdD%2BLIQd8n3nh1NZKxS4D1Dnl2v0hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2def0e4c-AMS
expires
Sat, 30 Nov 2024 09:36:44 GMT
style.css
faceitaccount.com/wp-content/themes/kadence-child/
462 B
668 B
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence-child/style.css?ver=100
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ef18d5a7bece47c9b4bdb8d4adb37c9bdfb0ef492175d6d069fd08ffb4417ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2011958
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 04 Apr 2023 09:29:51 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrloWV437tvCdAQkrPrTLV1axoMm1wUNoPRi45ui9mdJnLYOOBpwqyZruSe3fKobsBGc0ygMrm2WrctRrGYRM5TdTi61LeVNXSfmPW6DdjdfuJKJcajzZJNv8Zy3uEx%2FMJLoR1lPKGya67sCwWoPug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2df00e4c-AMS
expires
Sat, 30 Nov 2024 09:36:44 GMT
global.min.css
faceitaccount.com/wp-content/themes/kadence/assets/css/
20 KB
5 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.34
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f5a33801c2430f432473ae8c2dbb94d907f8453627ef4e9b70354b25f7f7cad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2268007
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 01:17:06 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb%2FP40aQXUkwSqP6fOvFmT%2BRN%2BuNvX%2FosU6BRPFEABfAGCvAnuWZOz2X5TEMWjhje41fdNBPpuiyXQJZvs5mNnSwaPhtk8FJztchNpBE%2BWDp4lAKFOLqJlZVguvOBytLeAc6wOMr6VMFhW%2BhRCH8pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2df10e4c-AMS
expires
Wed, 27 Nov 2024 10:29:15 GMT
header.min.css
faceitaccount.com/wp-content/themes/kadence/assets/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.34
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5405ca68d94de128d658b9e172d95e4341a4e454a6039920e89722fac899830e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
304982
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 01:17:06 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SN9%2B1nQoCCAm81Ug3zImC2VZt%2B%2BJe3pJQduY1cDjpCa6ZxhFAsXsC4Vrfzju1JNh4kM9JX%2BxwNtzM3aAuProE5SMF6MF39N3xktUXggEeuV7LdNJsHYJyF6zafuul5m48D1Z6eYbWwslE%2Bs0ZYpV4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a2df20e4c-AMS
expires
Fri, 20 Dec 2024 03:46:20 GMT
content.min.css
faceitaccount.com/wp-content/themes/kadence/assets/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.34
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2268007
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 01:17:06 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mh6EvzFqj7tfdgzfe3WJWBCIdsV4V8KwXMgs%2FjWvTVFaT3EQJYoTqYaTIGVFwEWzp7ElgXcFGcuSLDh6Ozp3yk96V47g7baJ11MjSXmJdbTNmWmt%2Bi3MT9ugcRn%2Bfj%2FZgkXX%2FX3%2BsHG228VTHUQTUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e0a0e4c-AMS
expires
Wed, 27 Nov 2024 10:29:15 GMT
footer.min.css
faceitaccount.com/wp-content/themes/kadence/assets/css/
18 KB
2 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.34
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
304982
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 01:17:06 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN80dhRiXBzIrmSEfu%2FptYiJC3A2ZEIZgmdmW7Xmfztg3WiOAyPkgrCwtMQMeZy83mkhtIJ%2BWiFCFHHghlxR2dQ%2FqMhhKQfwx9gHH3gt%2BlJ4RgVhUElMyME%2B1M%2FKEipfmXcrxZjglZwwJTajnwfAwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e0b0e4c-AMS
expires
Fri, 20 Dec 2024 03:46:20 GMT
menu-addon.css
faceitaccount.com/wp-content/plugins/kadence-pro/dist/mega-menu/
6 KB
1 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/plugins/kadence-pro/dist/mega-menu/menu-addon.css?ver=1.0.9
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a314094040a719682393c8dc6df952aed02a927001de43a98a29cd99b4c7de78
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2268007
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Apr 2023 16:07:37 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kS2cFOBP66XTan7nmIrHc0yJfgQMU754%2FUbt4wfx9MGyZJHhgQX1TQ3LOkmh47NDB2eWscZnoRMabWKllJTQkQn7%2BBOrq8I1wLrK%2BMKVODKOhfJgCacjyvSl3hlTruz3FgEIHdJbto1eW4XpsxXFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e0d0e4c-AMS
expires
Wed, 27 Nov 2024 10:29:15 GMT
style-blocks-rowlayout.css
faceitaccount.com/wp-content/plugins/kadence-blocks/dist/
7 KB
2 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/plugins/kadence-blocks/dist/style-blocks-rowlayout.css?ver=3.1.22
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d94fcc0c9349f76560293ae0986197f1264368d08e484636262b25cf035345
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2268007
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 12:18:25 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBxUk3zcztAwG0XEOlVkJpeOrfdy3DzAqVv9f%2FZPzmhZkz4U5ysR9pWImlkKzpfY1QdShcfHhalYhA%2BQlZytKqj9Rp%2F1zTjFRXKLVMyN3X2h5fnA5%2B8JEyllK0yXY%2BrW2yfglAc7yz%2F4RVjMSzlmaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e0e0e4c-AMS
expires
Wed, 27 Nov 2024 10:29:15 GMT
style-blocks-column.css
faceitaccount.com/wp-content/plugins/kadence-blocks/dist/
1 KB
878 B
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/plugins/kadence-blocks/dist/style-blocks-column.css?ver=3.1.22
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f185210b7acc418ca6d0293af547637096c0618f5f092f7fe31c8942e9979c14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2163763
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 12:18:25 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QArq1ZMzoCdb2xY%2FW%2BhBRwdMRmJ4mbMcSzCMQ2ce7TP8YIF8th029%2FGT5o5PQIUl6gjz8wEQqmPiuMW3n%2BWQYvzhFLzh7C%2BUA1qS%2FZ9SQLASh3gdLwyGXOLMByX0dzET8H0YoNS3HvOZFB%2BSeXAaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e100e4c-AMS
expires
Thu, 28 Nov 2024 15:26:39 GMT
style-blocks-image.css
faceitaccount.com/wp-content/plugins/kadence-blocks/dist/
4 KB
1 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/plugins/kadence-blocks/dist/style-blocks-image.css?ver=3.1.22
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ccf1dc5c7dadcc9608e7f901b8e973f7fe56226e9ec37bd6bff6c941a748488
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
304982
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 12:18:25 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hN3%2B8JXqrOXqnyUAYgA%2BLsxUkVz1w2GFGTwX9T7IyMgy%2F2NGmcj2lX1BwJWNlL8Y5YmMPzGr9IIy85vcAP7vWneCc0wekDcZajGKXM3h%2B5BRxpV%2FaMRZm3HE3JSZrP5EG9vmYlxsM%2BwsP2RRzLCOXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e130e4c-AMS
expires
Fri, 20 Dec 2024 03:46:20 GMT
style-blocks-iconlist.css
faceitaccount.com/wp-content/plugins/kadence-blocks/dist/
3 KB
918 B
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/plugins/kadence-blocks/dist/style-blocks-iconlist.css?ver=3.1.22
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd30aa862140d769d683108cbbf37213ab98135a909898c9dd683319cc62311
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2011958
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 12:18:25 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ez4YNV8IbEJeAhHyHaf5EumxdnBxBSa1pOjTrs8lMzeU20R%2F6WQCim4%2FsOcI9GNNviIm8sJIPz4Ond6y04aG%2BqqQX%2B8HOHzEK9yW%2F7fNc4abW7K2D8R7wmVw%2BZN6byd%2BZhR4D3L5faYz4gSGIdSexA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e150e4c-AMS
expires
Sat, 30 Nov 2024 09:36:44 GMT
style-blocks-accordion.css
faceitaccount.com/wp-content/plugins/kadence-blocks/dist/
11 KB
2 KB
Stylesheet
General
Full URL
https://faceitaccount.com/wp-content/plugins/kadence-blocks/dist/style-blocks-accordion.css?ver=3.1.22
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6036f292fdeb73865eb24ee0ebddd7c88959012842d8feb298843bb5ca31b6b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:22 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2266804
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 12:18:25 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izl76rOUHxo384ql3nxMLv37HmoWWtGH5fkuDaf9ZdFzjBEIkkUe95tE7KAqOEtjlx4o4KTF7HbynJnNhXQ7rbooCs5aEcc8Vx8De4TRfHWW9m2Kj9T8fAErEuND4lIzCmUL%2BajWVjhlrmlsu0PFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390a4e160e4c-AMS
expires
Wed, 27 Nov 2024 10:49:18 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b2c8d6c185efb0b2dc5331ad7e68c3519ed1efda6d7750852d89fa788339bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c63fa9d92b6805cf4a98e75b0b2d9f6054611c2b19aab8b0da34cc39bb9bdf30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6dd49b8a02f8c728c325cb04b2bbe9451eff47e8ea2bcb0659f8014b49082f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3Aregular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://faceitaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:01:31 GMT
x-content-type-options
nosniff
age
458872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 09:01:31 GMT
lazyload.min.js
faceitaccount.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/
9 KB
4 KB
Script
General
Full URL
https://faceitaccount.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
162987
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Apr 2023 16:06:49 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXcOrD2LjTOzyy0VzQb1dnfc1PFBnipokN2GN9cDvlhek5mR3RLCSkev731vByc2p1z5h8kQRfueGe5GIJbNlFvLg5kSWCD1RqSAJj5uligdQRYn8KnzLJ7cue6gkPrJfsKG4wBPv2AFGEntFsnNcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390bece1f135-CDG
expires
Fri, 29 Dec 2023 19:12:56 GMT
float.js
faceitaccount.com/wp-content/plugins/gtranslate/js/
22 KB
7 KB
Script
General
Full URL
https://faceitaccount.com/wp-content/plugins/gtranslate/js/float.js?ver=6.1.4
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21220
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 12:19:29 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMok1n%2FLBSglOGLA2QbgD0%2Ft6w5fsJBxCyifrhxYkwLLWOxNMoA0ggWgx986k%2FfD7WHhPAOEj8mHNqca2iS7O%2Ba%2FZfwpuhUz1h%2Fx4D%2FlASTC87Eqb4qEtFZQ%2Fzy36NrC6v14u3%2BG4LEUyTEWNG1qMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390bece3f135-CDG
expires
Sun, 31 Dec 2023 10:35:43 GMT
kt-accordion.min.js
faceitaccount.com/wp-content/plugins/kadence-blocks/includes/assets/js/
13 KB
4 KB
Script
General
Full URL
https://faceitaccount.com/wp-content/plugins/kadence-blocks/includes/assets/js/kt-accordion.min.js?ver=3.1.22
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62d3330974ef7029eedc2f6e65bc8cdd268d92d6c002e2e3f2567fe44b8a498
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21220
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 19 Oct 2023 12:18:25 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfuRWbWsckBnqOBUbOPQ4sz6CaT%2FTeKxeHCsycW%2BPhpwxR2cmDn6tAYDTULjggjduoYr3Xzh7KNhrUiI7qA6d0AxlLZqh3s2XLwU8sWg6sR63e%2F8wQ2T%2BUNireToL0L%2BGZAtYd24vX9LrwWKiwCWAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390bece4f135-CDG
expires
Sun, 31 Dec 2023 10:35:43 GMT
navigation.min.js
faceitaccount.com/wp-content/themes/kadence/assets/js/
17 KB
5 KB
Script
General
Full URL
https://faceitaccount.com/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.34
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9d3680de0b0cae7c0000945d283a0e829b9077c514990dbc214ddcc8067c2b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21220
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 23 Mar 2023 01:17:06 GMT
server
cloudflare
vary
Accept-Encoding,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eciJTY1SDEcB2PHWIb595asS4ifokSYWSq8d0xvaxAFRVL8srm2xcxrMj%2FdBL1TNQD7HeEq8dCd27%2BeA8%2BDkdgRcpPUf4nIx0p19qAyrY4lP%2BjNZrbVbFrC0FLvLP0K67wP5oQz7YwfiOFP9px2Yvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
83aa390bece5f135-CDG
expires
Sun, 31 Dec 2023 10:35:43 GMT
sb-forms-0.4.1.js
cdn.startbootstrap.com/
Redirect Chain
  • https://cdn.startbootstrap.com/sb-forms-latest.js
  • https://cdn.startbootstrap.com/sb-forms-0.4.1.js
7 KB
3 KB
Script
General
Full URL
https://cdn.startbootstrap.com/sb-forms-0.4.1.js
Protocol
H2
Server
172.67.73.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c961078cfedf024e31ed276b96245dab929c1490256f484eaaee5e3a60c987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2037
x-guploader-uploadid
ABPtcPr9Kp5KIQ7XpdM_-yR84lMtsHR9ARkt_MR03obvbYVYI9ZpXwwH1uBj4t2kBjo9r0XRh7c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 14 Jul 2021 12:27:46 GMT
server
cloudflare
etag
W/"396b27944606ab87c159d9f8d7a3a205"
vary
Accept-Encoding
x-goog-hash
crc32c=gkvPRw==, md5=OWsnlEYGq4fBWdn416OiBQ==
x-goog-generation
1626265666422588
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxEm%2B3yEywaUx1UfYscW%2FXrMQ8cloimO%2F30le4QcI1hN8IMHEMfFZEdJ%2BXybpMZSgzPAIZkgjLoy%2F1tSJUWtLoPyKAR3czc1sI3atV3WDJ%2Fo5L%2BreSCDanAZVGmBb0tD1xp18yInzgw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2678400
x-goog-stored-content-length
7089
cf-ray
83aa390c3cb5360e-FRA
expires
Sun, 24 Dec 2023 16:02:16 GMT

Redirect headers

date
Sun, 24 Dec 2023 16:29:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiqiwfl6hjNSx07Qp5%2BzMWuv%2BL7yPsK8Mj%2FgQBueqynsWO8Qsctl4lMuQS4GbU0Hk2YOTeuk%2FYJdmQLZbTmS9xOOUwuPCb%2FKeUrQxh%2FK7fMsRe16%2BksKqtT1g6l7Ncu2gbYak437%2Bx4%3D"}],"group":"cf-nel","max_age":604800}
location
https://cdn.startbootstrap.com/sb-forms-0.4.1.js
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
83aa390c1c97360e-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2212993
x-jsd-version
5.1.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230101-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuviWwI2EdkdYnqD%2BC3YftBNbvzboljRiiLgzPo4%2BfQFB5fUOmnyvp5GnzIskoJUcjwF5CgcTdb9sS4HTO8pxGQU6CzhDjjHCgSuivjOEkQKuxFBOcwlDrPvlG9tinTwLizxrelU4mGIYd9v%2BMk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
83aa390bff4718e2-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2937912738839464
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0ba579c51d0d1a5c3b1170204a76e34005fa232f9cb763a354fb6f363917599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Origin
https://faceitaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51485
x-xss-protection
0
server
cafe
etag
7032749340370715599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 16:29:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7369860710936848
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed5fc5573fcb530fbff76bf892395972a06ca6fdd0c64c741297ae82f52dffe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Origin
https://faceitaccount.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51289
x-xss-protection
0
server
cafe
etag
2717678643890416574
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 16:29:23 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7369860710936848
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9001f4fbce7d5daf4c334816d776401a13491858773cfd7e9584bfd1a9d8422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137959
x-xss-protection
0
server
cafe
etag
8040006808057553646
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 16:29:23 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame DF30
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7369860710936848
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61830
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Sat, 06 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gic5i0aj5a
www.clarity.ms/tag/
650 B
1013 B
Script
General
Full URL
https://www.clarity.ms/tag/gic5i0aj5a
Requested by
Host: faceitaccount.com
URL: https://faceitaccount.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ce31be8674e547e1166631b2dad857bf86a35365b2e58bb498ac8ff66719b666

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
-1
date
Sun, 24 Dec 2023 16:29:23 GMT
x-azure-ref
20231224T162923Z-k3tw13g0wd1ybdh66b4n1nv22800000006pg000000001fhv
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
en.png
faceitaccount.com/wp-content/plugins/gtranslate/flags/32/
2 KB
2 KB
Image
General
Full URL
https://faceitaccount.com/wp-content/plugins/gtranslate/flags/32/en.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1257543
alt-svc
h3=":443"; ma=86400
content-length
1767
last-modified
Thu, 19 Oct 2023 12:19:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vj8aXV26ef3ENMNjhttF9sffcFkmJgJ2EpcVmWW28e35M%2Bgn%2BVJZJsCwNhWYU6V17Xnme5cXgb2Poulf6aqvc16col0mApcpu%2FkBPdBPpkzYc6o%2FRG2u%2F5%2BsUunUwT%2Fj64Dih6nkBizk0Zggm4cDyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
83aa390d1e51f135-CDG
expires
Mon, 08 Apr 2024 03:10:20 GMT
truncated
/
270 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
cropped-Faceitfinder.webp
faceitaccount.com/wp-content/uploads/2023/01/
4 KB
5 KB
Image
General
Full URL
https://faceitaccount.com/wp-content/uploads/2023/01/cropped-Faceitfinder.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6de3fab3356d7cd3597dc6bf9ca845e40894c82a9b6158e6bae2ad2c3761cdc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
843544
alt-svc
h3=":443"; ma=86400
content-length
4110
last-modified
Sun, 15 Jan 2023 14:36:26 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiTd95OlTN%2FSHeGdsluvy1WXIJCBtyuUZAs0PFmd7MJaN3lbizGgOoGj2hr3Me932hdn33PYh07fAKmDpxWJYzSzjObHNAA8wGq72WxjZJlSkxpTuz%2BtFfYeVc%2F83lRImKQytexea%2B2SUbG9SBDBYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
83aa390d3e73f135-CDG
expires
Fri, 12 Apr 2024 22:10:19 GMT
Faceit-Finder-CS-GO-Stats.webp
faceitaccount.com/wp-content/uploads/2023/01/
68 KB
69 KB
Image
General
Full URL
https://faceitaccount.com/wp-content/uploads/2023/01/Faceit-Finder-CS-GO-Stats.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd71ebc79cd0b24246ac26eb40e965518922c50a2ea12b7c68c55d4e5625d17f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-security-policy
upgrade-insecure-requests
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1257543
alt-svc
h3=":443"; ma=86400
content-length
70142
last-modified
Mon, 16 Jan 2023 12:54:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQJ1gPFuUOOfL9%2BbWOHCMGnt6oT6tSSqewP%2FOcqfOr%2F2lCQ9kPDx44P7dMHMrL1qUWjD%2FnR67F8kobJFfaBbyDNfBQyoVjisBqItUrp%2Fp2bgOMgGs7VJoCFsBtFi0mMfyBk2wTo5UAl%2F0Ghvqb77TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
83aa390d3e75f135-CDG
expires
Mon, 08 Apr 2024 03:10:20 GMT
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gic5i0aj5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
br
last-modified
Wed, 13 Dec 2023 19:57:52 GMT
etag
W/"0x8DBFC15CAB825ED"
vary
Accept-Encoding
x-azure-ref
20231224T162923Z-k3tw13g0wd1ybdh66b4n1nv22800000006pg000000001fhz
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
98bcc8ab-201e-0051-02cb-30b357000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=82B0638158944DCC99F03F33B09D974D&RedC=c.clarity.ms&MXFR=219B5B6115B2614E3356489011B26FAD
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=82B0638158944DCC99F03F33B09D974D&MUID=1B048E5DC7BA6A4B3FBE9DACC6686BBD
42 B
466 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=82B0638158944DCC99F03F33B09D974D&MUID=1B048E5DC7BA6A4B3FBE9DACC6686BBD
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 16:29:23 GMT
last-modified
Tue, 12 Dec 2023 19:03:29 GMT
server
Microsoft-IIS/10.0
etag
"e8d91e42d2dda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 24 Dec 2023 16:29:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 04063FAAA06A43EEBBF0A8705F511379 Ref B: FRAEDGE1205 Ref C: 2023-12-24T16:29:23Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=82B0638158944DCC99F03F33B09D974D&MUID=1B048E5DC7BA6A4B3FBE9DACC6686BBD
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ads
googleads.g.doubleclick.net/pagead/ Frame BF49
603 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7369860710936848&output=html&adk=1812271804&adf=3025194257&lmt=1703402413&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x810_r&format=0x0&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363291&bpp=3&bdt=394&idt=260&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=gt_float_wrapper&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 16:29:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
341f39cae8a688703457cd227a26ba86037c77d1b29f695b7ec36890ab13644f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11948
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4E66
120 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de13b8f7654ea664bd1ffc2bc4d370fa15368886f67fd617b03aff3bd225a0ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41450
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5A1A
132 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd4f008d3b1e1061f8b1a6dfafa2fc8401d661473b1b70ae7d84f8d39ec55e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42107
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DF6D
730 B
387 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=1141859776&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=399&idt=313&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=315
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd408226039d99d762774a286b2ae69cdf60b85da2d8817361a4da42626a9436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
363
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 824E
132 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d3a72d71b3eb28cbee1758793712f7a4fa9bfdba71d2069ec0fbd5261bbea75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
x.clarity.ms/
0
297 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://faceitaccount.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://faceitaccount.com
Date
Sun, 24 Dec 2023 16:29:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7369860710936848&plah=faceitaccount.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 16:29:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2101
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 13:32:02 GMT
expires
Mon, 23 Dec 2024 13:32:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C4F2
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bf5ec114767d0b1b948fead894734c0f5cdf3610f416a2024f9a9c2dcabff35c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y3jJ1aQ7wukDmiZmowJlFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://faceitaccount.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-y3jJ1aQ7wukDmiZmowJlFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2101
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 12:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
102243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Dec 2024 12:05:20 GMT
collect
x.clarity.ms/
0
297 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://faceitaccount.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://faceitaccount.com
Date
Sun, 24 Dec 2023 16:29:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
sodar
pagead2.googlesyndication.com/pagead/ Frame C4F2
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4138256090018890&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 2101
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?38WSWg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1274889746997719659
tpc.googlesyndication.com/simgad/ Frame 5A1A
78 KB
78 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1274889746997719659?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4yqbg28UWIDlie1HQCoJD2HW85Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09219dfa87e4af7e2e8531042d3ca883e1677a412deda6228c24ae787af0fdef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 17:13:31 GMT
x-content-type-options
nosniff
age
170152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80034
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:00:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Dec 2024 17:13:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5A1A
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 09:13:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5A1A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 12:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
13205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 12:49:18 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 5A1A
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
44355
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 25 Dec 2023 04:10:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5A1A
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 09:13:30 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A359
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 15:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5A1A
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 16:29:23 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5A1A
36 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
9608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 13:49:15 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A359
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1274889746997719659
tpc.googlesyndication.com/simgad/ Frame 824E
78 KB
78 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1274889746997719659?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4yqbg28UWIDlie1HQCoJD2HW85Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09219dfa87e4af7e2e8531042d3ca883e1677a412deda6228c24ae787af0fdef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 17:13:31 GMT
x-content-type-options
nosniff
age
170152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80034
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 10:00:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 21 Dec 2024 17:13:31 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 824E
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 09:13:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 824E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 12:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
13205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 12:49:18 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 824E
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 04:10:08 GMT
x-content-type-options
nosniff
server
cafe
age
44355
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67
x-xss-protection
0
expires
Mon, 25 Dec 2023 04:10:08 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 824E
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 09:13:30 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9774
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 15:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 824E
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 16:29:23 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 824E
36 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 13:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
9608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 13:49:15 GMT
truncated
/ Frame 5A1A
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dab7ed4d7143dfb1a3fad44c3351dcabe53ec126fc80233a813c3b0c6a8e898c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 5A1A
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C4Y47Y1yIZbTAJq7N1fAPlZeH6ATyn7PzdPfv44TdEffV4dH8ERABII6J9p4BYJXikIKgB6ABhtfXvQPIAQKpAnH13JJmerI-qAMByAPJBKoE_AFP0JR5T9gMYX_5pqUU2f7H7tm7qE1o9jP...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221254140504175104687%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221254140504175104687%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22475981393412094001%22}&andc=true
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"1254140504175104687","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"475981393412094001"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 16:29:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 16:29:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1254140504175104687","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"475981393412094001"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 824E
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22f2b9cd0b570fe18f694e16a96b2756afb38117e54bfa0863d9e92d215343f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 4E66
4 KB
751 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Dec 2023 15:13:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Dec 2023 16:29:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E66
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 09:13:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4E66
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 09:13:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E66
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 12:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
13205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 12:49:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4E66
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 09:13:30 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4E66
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 16:29:23 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 4E66
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 13:56:43 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame D6A1
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=2927825636&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363296&bpp=1&bdt=400&idt=310&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=311
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
441607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 13:49:16 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9774
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
expires
Sun, 24 Dec 2023 16:29:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Dec 2023 16:29:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 824E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CEujpY1yIZdn-JrTF1fAPgJ296A7yn7PzdJ_144TdEWQQASCOifaeAWCV4pCCoAegAYbX170DyAECqQJx9dySZnqyPqgDAcgDyQSqBPwBT9Cm1BkhAFamCIRCb6yfNpJ_MImb2rejKWS65b2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223783046362323493827%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223783046362323493827%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216886753358278292961%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"3783046362323493827","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"16886753358278292961"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 16:29:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 16:29:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3783046362323493827","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"16886753358278292961"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/8027485697368901958/ Frame 4E66
22 KB
22 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8027485697368901958/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5879d7958d4c56956f0b6436f89af0047f2402094975a4f58997cd977877c344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 17 Dec 2024 15:33:00 GMT
date
Mon, 18 Dec 2023 15:33:00 GMT
x-content-type-options
nosniff
age
521783
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22869
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 09:34:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/9197212056025486186/ Frame 4E66
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9197212056025486186/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ddcc537caa71661986d37e1341f1c7e4fe706b8970b73f886f55c3685cf42b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 18 Dec 2024 06:24:55 GMT
date
Tue, 19 Dec 2023 06:24:55 GMT
x-content-type-options
nosniff
age
468268
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1340
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 10:10:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221254140504175104687%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22475981393412094001%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 16:29:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4E66
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddb7feabf8da5a679751151a9ef4b80b2f9d1980505a3a35e5bc2c99ebdc333f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223783046362323493827%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216886753358278292961%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 16:29:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E66
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:10:14 GMT
x-content-type-options
nosniff
age
458350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 09:10:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E66
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:28:03 GMT
x-content-type-options
nosniff
age
514881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 17:28:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 4E66
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CW2ahY1yIZdPrJI3a1fAP15e2uAP44__3dNX95t3TEM6lu4aMDhABII6J9p4BYJXikIKgB6ABhtfXvQPIAQmpAnH13JJmerI-qAMByAPLBKoEhQJP0H3ma7Jc3bdcV9pHir59eLHl38W9PnZ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226375710255018270172%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226375710255018270172%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221896249057050334481%22}&andc=true
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 24 Dec 2023 16:29:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"6375710255018270172","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"1896249057050334481"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 24 Dec 2023 16:29:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 24 Dec 2023 16:29:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6375710255018270172","debug_reporting":true,"destination":"https://lilienthal.berlin","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["934669190"],"22":["true"],"4":["12-24"],"6":["true"]},"priority":"500","source_event_id":"1896249057050334481"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 114B
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=2642754485&adk=2802532616&adf=4208823448&pi=t.ma~as.2642754485&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363297&bpp=1&bdt=400&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=1&correlator=5255524185156&frm=20&pv=1&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
441608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 13:49:16 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame B2E9
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2937912738839464&output=html&h=280&slotname=7465279286&adk=2140997004&adf=2880728706&pi=t.ma~as.7465279286&w=1200&fwrn=4&fwrnh=100&lmt=1703402413&rafmt=1&format=1200x280&url=https%3A%2F%2Ffaceitaccount.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703435363294&bpp=2&bdt=397&idt=283&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5255524185156&frm=20&pv=2&ga_vid=218403764.1703435364&ga_sid=1703435364&ga_hid=1362942774&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=179&ady=416&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079758%2C95320870%2C95320884&oid=2&pvsid=4138256090018890&tmod=1808777923&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
441608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Dec 2024 13:49:16 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226375710255018270172%22,%22debug_reporting%22:true,%22destination%22:%22https://lilienthal.berlin%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22934669190%22],%2222%22:[%22true%22],%224%22:[%2212-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221896249057050334481%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Dec 2023 16:29:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4138256090018890&bg=!ammlaSbNAAY3kmNgF5I7ADQBe5WfONDT0pECo66NKU-ZShrq8x7olkJ3aVNTMpd4VC5iLN36agV9FJHFXhyzTiJD_c4YAgAAAC9SAAAAAmgBB5kDAJyx-IQ-vKG-ViUTmThnTyRLwq0tJwzTZIFCVSWvfBrBdeYNYM4kzamtf_FUJ_EOuRNWxU80fuEffHxpTbZP32uC5kkzgpzkF99-UKjoLUkYloimmXEF2bj831K4N5wqC-KTtEpix9rvsWHOTwWzGirLF8KTzbtoJtfyfAuq-qwX4VOCY4j1ppjDiFrxc4kcKAG9cuWMKRSxVYzroNNrpc1AXywOLnn_VWCiWBaOGqbAMNE1XM6WTsRo05B81Z8YcArtiiWKU4SU9d5-ICJhztvvG0hXIZ4AUvri5pF3elfHMS5Zksf3Ofd65Jh3F8rrrokWeNS3fukpbesE5YcX0_logMChHW2swBAJBKhA269cfk5DdiU9K-A2o0tYQWkEnKsqoYrD5ZQbwJi2F7SKAmmaOnOeu0m9ZfWVMt7Bh7OzG13mBaEqHqnbRmJJdxfVbhTGmjpOWi3LHWOxQArlzZWpAao7xVIu6w_enbbIrQt2KnoqYjqkh6ZhAuAd7gpbS-HAOXjxgjCnzaF4JUF5LWVXgfj9ucemNg2Cqfbe7qnVyiIZOdJVhLZab5zD3-lowUPi7HarkMj1Pig86BUskch6_FAi7Y1gIKCMjoPvQMrE1rtpYH6DI2n8_zAbFOv_A9Xr2Yxlw_WbaT546tlWwR_MD6spvRfPlUwyW2wqn0pQ-9KFV7PZbfRJtTrso1qg87acENzsN_v7d_bQXle5OCZdiZuYioN5KwcWJXZdlsfVt8XqBCUi6IuSwgWi_gDLkyqRpymAtzOkkOPVo88_DCopJPjGnTHQrRnA6iJBwk9hZ2Nb2Xgd9RyMDMQXtqyz4ql-S5UPFslmqH_hd6KOu7ww258q2Bh7iESr3DMPGQ_8lxHAa1f7RH6tIc5Mpk2NYwwVveXt3VojtIVUNCAl6aUFBa2rAtzA2LyEbOlCz7wDAgY7f5o24754QMP8-kCb_Sfknxdz27zAJiMHG1FEvvxpO_oI9yYB1QhnMfBLG5ymWqP6OfJBmmb8SmnDuRNkbQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://faceitaccount.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 4E66
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxeos5w0beEU102cpmSBMTdcnEhTC-WnCAiMbLbqVHXmF7YZPw3_AW66scwybGEluwo74dmz_OhVj1N-fY-AVoYJeou30dN6OcDzTnRdtFc7n12aLpDxSsDjt_E5QxJRKXX1XmTpgCvgEVu6byY_i4m0Uw&sai=AMfl-YTJCeJEUtdQGXKJ3lXVI51YA-EA-5kWtx_woHjWpNfR6P-wj1A0Iku5ZpzfMZ1-uU62jFUx-9bpNG7URS5j6WuRFFifjpVR1oZNGPKPB5emhg-gdu6SPkrGcLfHuMntD5o38O2MzA9ruMMv5-ATtw&sig=Cg0ArKJSzBYJy22L_h07EAE&cid=CAQSTwAvHhf_jky6n2PJV6djXrTE-ZxzX_Cli8waO3H1ja-lPZXumCpIr6D0KpYlFNR6KFT-fczgC1-1PEgeg6fnZ2ib1uw1N2JXZ4niLE0GEGMYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2140997004&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703435363580&rpt=491&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Dec 2023 16:29:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/
0
297 B
XHR
General
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://faceitaccount.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://faceitaccount.com
Date
Sun, 24 Dec 2023 16:29:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| __cfQR object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint number| uidEvent object| bootstrap object| sbForms function| clarity function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| kadenceConfig object| kadence function| KadenceAccordion object| KadenceBlocksAccordion object| gtranslateSettings function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| lazyLoadOptions boolean| __cfRLUnblockHandlers function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| googletag function| arrive function| unbindArrive function| leave function| unbindLeave

15 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: b7a2c4c856ff48f28f23eac99de8ac6a.20231224.20241223
.faceitaccount.com/ Name: _clck
Value: ksr1i5%7C2%7Cfht%7C0%7C1453
.faceitaccount.com/ Name: __gads
Value: ID=ca978986b321ae5b:T=1703435363:RT=1703435363:S=ALNI_MZbmDJU8dfmytyZjwIROTcnCJmPhA
.faceitaccount.com/ Name: __gpi
Value: UID=00000ce7ab1c75b5:T=1703435363:RT=1703435363:S=ALNI_MaEPCs4grvDHPfwUSO2x8PoRjnfTw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bing.com/ Name: MUID
Value: 1B048E5DC7BA6A4B3FBE9DACC6686BBD
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1B048E5DC7BA6A4B3FBE9DACC6686BBD
.faceitaccount.com/ Name: _clsk
Value: 8jopd2%7C1703435363963%7C1%7C1%7Cx.clarity.ms%2Fcollect
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1B048E5DC7BA6A4B3FBE9DACC6686BBD
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUlXoWMuj-LLBAjabaGSsCmIqLeACcHqRtbTTPgeeB_goqHKqv_CyIwL2fQ7UUY
.googleadservices.com/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.startbootstrap.com
faceitaccount.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.clarity.ms
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.clarity.ms
142.250.186.34
172.67.73.121
20.114.190.119
2606:4700:3030::6815:2b6e
2606:4700:3035::ac43:b228
2606:4700::6810:5814
2620:1ec:46::63
2620:1ec:c11::200
2a00:1450:4001:80b::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
68.219.88.97
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
09219dfa87e4af7e2e8531042d3ca883e1677a412deda6228c24ae787af0fdef
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ccf1dc5c7dadcc9608e7f901b8e973f7fe56226e9ec37bd6bff6c941a748488
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341f39cae8a688703457cd227a26ba86037c77d1b29f695b7ec36890ab13644f
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
3f5a33801c2430f432473ae8c2dbb94d907f8453627ef4e9b70354b25f7f7cad
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4ddcc537caa71661986d37e1341f1c7e4fe706b8970b73f886f55c3685cf42b6
5405ca68d94de128d658b9e172d95e4341a4e454a6039920e89722fac899830e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5879d7958d4c56956f0b6436f89af0047f2402094975a4f58997cd977877c344
59c961078cfedf024e31ed276b96245dab929c1490256f484eaaee5e3a60c987
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b2c8d6c185efb0b2dc5331ad7e68c3519ed1efda6d7750852d89fa788339bc0
6036f292fdeb73865eb24ee0ebddd7c88959012842d8feb298843bb5ca31b6b9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
6bd30aa862140d769d683108cbbf37213ab98135a909898c9dd683319cc62311
6d3a72d71b3eb28cbee1758793712f7a4fa9bfdba71d2069ec0fbd5261bbea75
6dd49b8a02f8c728c325cb04b2bbe9451eff47e8ea2bcb0659f8014b49082f14
6ef18d5a7bece47c9b4bdb8d4adb37c9bdfb0ef492175d6d069fd08ffb4417ee
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
84aef9e5ff9e3c7f93ee52559eb300c26540d391a5f78fedf6e2d91bdc1df5ba
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f9d3680de0b0cae7c0000945d283a0e829b9077c514990dbc214ddcc8067c2b
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a22f2b9cd0b570fe18f694e16a96b2756afb38117e54bfa0863d9e92d215343f
a314094040a719682393c8dc6df952aed02a927001de43a98a29cd99b4c7de78
a6de3fab3356d7cd3597dc6bf9ca845e40894c82a9b6158e6bae2ad2c3761cdc
a7d94fcc0c9349f76560293ae0986197f1264368d08e484636262b25cf035345
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b1569a0207938890151c0886960e607b3ed8a88836a10014d391dc33e7498f62
bd4f008d3b1e1061f8b1a6dfafa2fc8401d661473b1b70ae7d84f8d39ec55e83
bd71ebc79cd0b24246ac26eb40e965518922c50a2ea12b7c68c55d4e5625d17f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf5ec114767d0b1b948fead894734c0f5cdf3610f416a2024f9a9c2dcabff35c
c0f55ef4e8e0880dc0370168d6f1999420562dc02cd6e83b556c3f09688899be
c4da81ba63d1e4839ead234864a23c514f0774ee4e26d8b27d18eb786a5f177c
c63fa9d92b6805cf4a98e75b0b2d9f6054611c2b19aab8b0da34cc39bb9bdf30
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd408226039d99d762774a286b2ae69cdf60b85da2d8817361a4da42626a9436
ce31be8674e547e1166631b2dad857bf86a35365b2e58bb498ac8ff66719b666
d9001f4fbce7d5daf4c334816d776401a13491858773cfd7e9584bfd1a9d8422
dab7ed4d7143dfb1a3fad44c3351dcabe53ec126fc80233a813c3b0c6a8e898c
dd44598f061a016a51854f15855a333a18bf2c97f842d7da995ea0e8566c7b4c
ddb7feabf8da5a679751151a9ef4b80b2f9d1980505a3a35e5bc2c99ebdc333f
de13b8f7654ea664bd1ffc2bc4d370fa15368886f67fd617b03aff3bd225a0ed
e0ba579c51d0d1a5c3b1170204a76e34005fa232f9cb763a354fb6f363917599
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d
ed5fc5573fcb530fbff76bf892395972a06ca6fdd0c64c741297ae82f52dffe0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f185210b7acc418ca6d0293af547637096c0618f5f092f7fe31c8942e9979c14
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f62d3330974ef7029eedc2f6e65bc8cdd268d92d6c002e2e3f2567fe44b8a498
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390