kawaiiface.net Open in urlscan Pro
2606:4700:3035::ac43:9a62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kawaiiface.net/
Effective URL:
https://kawaiiface.net/
Submission: On December 20 via api (December 20th 2023, 11:06:35 pm UTC) from US — Scanned from DE

Summary HTTP 155 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 155 HTTP transactions. The main IP is 2606:4700:3035::ac43:9a62, located in United States and belongs to CLOUDFLARENET, US. The main domain is kawaiiface.net.
TLS certificate: Issued by E1 on November 19th 2023. Valid for: 3 months.

This is the only time kawaiiface.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:30a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700:303... 2606:4700:3035::ac43:9a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	104.198.8.50 104.198.8.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	63.32.232.249 63.32.232.249	16509 (AMAZON-02) (AMAZON-02)
6 8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:1::8	15169 (GOOGLE) (GOOGLE)
155	20

1 2606:4700:3037::6815:30a8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kawaiiface.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:3035::ac43:9a62 (United States)

ASN13335 (CLOUDFLARENET, US)

kawaiiface.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.8.50 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.8.198.104.bc.googleusercontent.com

emoji.kawaiiface.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.232.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-232-249.eu-west-1.compute.amazonaws.com

t.mindtake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.46 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:1::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-5goeenez.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	725 KB
28	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	237 KB
27	kawaiiface.net 1 redirects kawaiiface.net emoji.kawaiiface.net	154 KB
12	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r3---sn-5goeenez.c.2mdn.net	1 MB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	112 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	322 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
2	mindtake.com t.mindtake.com — Cisco Umbrella Rank: 114079	763 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
155	13

	Domain	Requested by
36	pagead2.googlesyndication.com	kawaiiface.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
30	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net kawaiiface.net s0.2mdn.net
26	kawaiiface.net	1 redirects kawaiiface.net static.cloudflareinsights.com
16	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	s0.2mdn.net	kawaiiface.net s0.2mdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	kawaiiface.net
4	www.googleadservices.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	ade.googlesyndication.com
2	r3---sn-5goeenez.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	t.mindtake.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
1	emoji.kawaiiface.net	kawaiiface.net
1	static.cloudflareinsights.com	kawaiiface.net
155	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com

Subject Issuer	Validity	Valid
kawaiiface.net E1	`2023-11-19` - `2024-02-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
TRAEFIK DEFAULT CERT TRAEFIK DEFAULT CERT	`2023-12-20` - `2024-12-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.mindtake.com Amazon RSA 2048 M01	`2023-03-21` - `2024-04-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://kawaiiface.net/
Frame ID: 1932FBD76EEA3C1F7144F446122A3A0F
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: A4ADC4BD1B9203CF1C0070AF32315F26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&adk=1812271804&adf=3025194257&lmt=1703113590&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590633&bpp=4&bdt=250&idt=288&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=145909187997&frm=20&pv=2&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=308
Frame ID: 1BB528E4CCC5F25CCD3E53FF02064F0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314
Frame ID: B843792F731C0583B2BDA99625AE3F6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Frame ID: BFDEE4D06D32385864C8B13E3FDD11CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=4220680257&adf=2125422327&pi=t.ma~as.8496643944&w=1200&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=1200x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=319&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=322
Frame ID: DA1B8DAF12A280AE370F7C22C7618BD8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=903662724&adf=3132389021&pi=t.ma~as.8496643944&w=1200&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=1200x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590643&bpp=1&bdt=261&idt=326&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280%2C350x280%2C1200x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=329
Frame ID: 800EAC248BEC413027227AB9681382AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C33794CB5B9A89A6B8C25660EF59BB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E4A4FEB731FC985081EC914E825409C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNXn-FrTtuCZkENIhXy9WGHrlEkj96tTUxXN2d-HFv1DyVgtGXeKvfWrgV6eQzdfFjDqZUCMYDiYjM_oMJ_jmFJ4wjA2t8DOZHs9l01YKr-cgum-9NYIKF8mwbDfUYVDSOWkIHq9eUh4OP7brY5wS_SG0cPPQ0-0tN38_CY1fKbHqYBznqM
Frame ID: FF626866461F1CB5CF8BFEC4F9CA59D7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 53B24209FE12CD0FDB502A253F56FADC
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNVlisb7uSMocsNXaX198PvGPxkWVHjXxOg51ts5mmcVqiVNzIzEjRT5qzAoHdSqzy5pbCB6UKYpz17cFDbUG3nixxxpvIWJqdFiVXzM_1Csh38q_zIE2pSMLdLso6V6nW_k61w6I_wnd_6zj7pRZerxXKCgxyJaCv0w59QO7Kjhxmcuu4M
Frame ID: 60429ED28D0D8685A281CFE7AFF8FE1E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EA266DFA4A37313827BD8EA792A772C3
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 59A7466212188BC4A922D03F12DA80DD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 48822040D7DC04AF71527AB9B57A8964
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=Ha7rmhzups&t=1&renderingType=2&ev=01_250
Frame ID: 4D9F07BCD0D6A8DBE284D1C4CAC64DB9
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 20B0C79801375262174AE29E3A4D90D7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=mKiFaXOLk9&t=1&renderingType=2&ev=01_250
Frame ID: E62BB303A75A1BF591331F42E37BBFEF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8ACD5E1E73617520308FA059FB104C2D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4B61CFBE6B7FDB8B9A001B5CF8DFEB7E
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C78FFAEA1DBBDFEFE6A10381D3661705
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9092676A2D98921FAE9E5EE0BF26937A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 59201FB6BD4E648979C532745AD590D5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: A350CB78FB1CCF4A1A2D7CCB428BA11C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: E3F04CCCE8C40E2B295A80B25AA12A5A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 4B9BD0DE77C0257A74B96D3F2C61C126
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kawaii Face | (^‿^v) ᕦ(ò_óˇ)ᕤ Every Text Face & Kawaii Stuff

Page URL History Show full URLs

http://kawaiiface.net/ HTTP 301
https://kawaiiface.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

155
Requests

92 %
HTTPS

67 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

2614 kB
Transfer

5669 kB
Size

14
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/kawaiiface/

Search URL Search Domain Scan URL

URL: https://twitter.com/kawaiismiley

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/kawaiiface/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kawaiiface/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kawaiismiley/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kawaiiface.net/ HTTP 301
https://kawaiiface.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjGxtNQKnQ3cHzvLzMtZMI&google_cver=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYNzd9bn4YBgUvI8344AKgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ1ktjcs4hhg7uB_mNkaF8&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1

Request Chain 71

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYNzd9bn4YBgUvI8344AKgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAxjl9BFbe3fZet4sFtXr6o&google_cver=1

Request Chain 73

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=CzvSKdnODZZG8PPPR1PIPud65ONS7qNB0tOmj2MwS2dkeEAEgp6GhI2CVgoCAtAegAa_K-MUDyAEJqQIVJuyYnmSyPqgDAcgDywSqBMUBT9CB97J7jFJJbXjOR0aWxhbHCxJQfgxeZJx8Ds7Pi6ICmOPzbOrksY80lWiPLy7A9jkkn7JA0HuO0eJySnCApnyfFaDpGjFxfP4QK_EeJJKo5SyDaNz8KweuXTTOPsLG78vuaA19GORpJAHFwIcOAWX0dAUUEvIaxh_uFNSDK3BWH__fykm1AU-VhJAGHW-nT9JFT7vi7NzqUB5mbK5mJiX5F5Jb4E7HnU8Arm0lNB6mj544Yt_HDoUAXEaCl7nZb03xm8fABPqVxILEBIgFsrjyxk2SBQQIBBgBkgUECAUYBKAGLoAHyd2HE6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELmeDNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYq7LpxJCfgwOaCe0BaHR0cHM6Ly93d3cubWV5LmNvbS9kZS9kYW1lbi8_ZXRjY19tZWQ9U0VBJmV0Y2NfcGFyPUdvb2dsZSZldF9jbXBfc2VnMT0yMDgxODIwNTc0NiZldGNjX2NtcD1tZXlfQVdSX0RFX0dETl9LdW5kZW5zZWdtZW50NyZldGNjX2dycD0xNTU2OTc4NzU3MDYmZXRjY19ia3k9JmV0Y2NfbXR5PSZldGNjX3BsYz1rYXdhaWlmYWNlLm5ldCZldGNjX2N0dj02ODI3NjA5MTMyOTkmZXRjY19iZGU9YyZldGNjX3Zhcj17Z2NsaWR9gAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItOTA3MTAyOTY5Nzc0MDQ3MRgA&sigh=F-Wzg7-RHio&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_DD2VmPcdMDCGdOXfyaWjx1xeZbXM_XMEvmIVhgUVaomHkl59A5fAsaffFjfB5gB1eRKO84-5Ngf3KGzqBcFWZG_qdkseAvC2upgYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226525550239376961590%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951985455%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221512243203161672049%22}&andc=true

Request Chain 138

https://gcdn.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8037D569065AC090F3817B62841F374B2CD8B0C3.514514665687F03BFF0E499A0F22FBDE41EB1E56/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/388810E1024699D08C4F1E2B2517E77C01E5EFF9.82795B25BD742CFAC369BB4F0C46343DE41F2EAE/key/cms1/cms_redirect/yes/mh/h2/mip/2a00:c98:2050:a007:2::12/mm/42/mn/sn-5goeenez/ms/onc/mt/1703113134/mv/u/mvi/3/pl/57/file/file.mp4

Request Chain 139

https://googleads.g.doubleclick.net/pagead/adview?ai=C-YSSdnODZZf9Opnj7gPnjaywDrf4x9p0_8e2iccRw_r0_QgQASCnoaEjYJWCgIC0B6ABjsCk5wLIAQmpAhUm7JieZLI-qAMByAPLhICABKoExAFP0OnZeP28wZTwhRHFhSma1Tv9s1eHe9lJcJX_UlLvjjqV_9nOKF_L__F1kf6X0mTPPj6Rv3R0t6WANK41xERbszppgk8qk_aAjZ4cQ--7DWBC4bldkK_Q7i7i3x1ougyW_zhs07DIQ4UOi5W3806WJcDlPEzHCK6Qc7OXyRh2Ji-zsGMhjOyIO_9YUK0ye6IqcjpcddMu0GF4Fh7klgTP0MVmBS4JfiiBJpVqlzYKBei3VHg-ltD16Y1JKSBGovWNG9UTwAT-jeXIpQSIBcKemsFLoAYugAey7bYJqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQjaQZ0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljP8-fEkJ-DA5oJSWh0dHBzOi8vd3d3LnNpZ25hbC1pZHVuYS5kZS9oYWZ0cGZsaWNodHZlcnNpY2hlcnVuZy9wcml2YXRoYWZ0cGZsaWNodC5waHCACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQK4E-QD2BMDiBQG0BUBgBcBshccChoIABIUcHViLTkwNzEwMjk2OTc3NDA0NzEYAA&sigh=PdCkVS1MQm0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_vdTl61SlG2noSsC0M4BXTdiODH6eaAqpDzeG_Bg9hNWBSAh07Yt-psr7qrGdr1lb7GvPCzFozMpLaOprEO5iKOANqaMjZ3gjqJAYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224768238639786957315%22,%22debug_reporting%22:true,%22destination%22:%22https://signal-iduna.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22753475598%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222301987496413325761%22}&andc=true

Request Chain 143

https://gcdn.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/75C30A07D91102B24180364BAC27B66634DB3FC6.9595ACE651037BA982A8C341A926CA83A989F436/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/774B26D5040593A1A0D8D5F5096769CF70C7B551.22AA48DB2A94B3A972892AFF4C4524815D266F90/key/cms1/cms_redirect/yes/mh/h2/mip/2a00:c98:2050:a007:2::12/mm/42/mn/sn-5goeenez/ms/onc/mt/1703113134/mv/u/mvi/3/pl/57/file/file.mp4

Request Chain 145

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

155 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kawaiiface.net/
Redirect Chain

http://kawaiiface.net/
https://kawaiiface.net/

59 KB
12 KB

228ms
63ms

Document
text/html

2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

284480e72817caa8140a455de1a753ff92085d05ec0c3e46fe0a2ccdda20742f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838b89437d6b993f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 20 Dec 2023 23:06:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQkvs6VvmZGpjsnHTJZOIBnoWHcnKWQq8bj5HH4AMjfDGKkL11eb2d9M8vPDC0VadC0jcvwBQPzLSvq63dPn1YWjf6kUV3%2F6ELH8JDx87NJAxq%2FUNu6aQcKWCZxGLfG8SD80lZ8fwk8yo2L5%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-RAY: 838b89419b6d3835-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 20 Dec 2023 23:06:30 GMT
Expires: Thu, 21 Dec 2023 00:06:30 GMT
Location: https://kawaiiface.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yD8qucs2cJ30cDFtT24yyob%2Bpanps5qlPg1oZSSd6uqpTfOZv32eueOqbcl2Q7TO6YlFDqWo0gDAzo9myWmtkH7Yp%2BRlA8lSv4RLZQeco4BlTyzCk1qHDUWpGvmSvhp4CfhHNCq7UGQ5Zu%2Fu3g%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
kawaiiface.net/assets/css/ 7 KB
2 KB 18ms
15ms Stylesheet
text/css 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/css/main.css

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e0edcf638019072fcd1ef34140b84553d3daf3e8b158ebb45eca686b96419a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6501
cf-polished: origSize=9526
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"ad8cf3e1b9bcd06c2186e56018e729b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8%2Fj8N5q9F96Etl%2Ff6kbdaJ3cVD8jP9%2Fi2uQ7sO7a3ttnK0OfviDxSMaOn4Wo2k4a790viHBbjL%2BpnR30a%2BFGA0RWQ5tOFebYrNMmh2Phrl8eLKO5rU3rHXO1YbYNLeTmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b8943eded993f-FRA

GET
H2 200 homepage.css
kawaiiface.net/assets/css/ 2 KB
881 B 19ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/css/homepage.css

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c5d94e78d0ef3c760dd08693690cf798e2fcc115b9d2e1ce997adbe7a50d247

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6501
cf-polished: origSize=2284
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"5b233ba9a53c1db9e560b7e248dffe00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KJKAE%2FWlPZS1vNxqJ91Q1tSzSd7tD9w2rBi4eiGRei2z5o9qu%2Bhw9cpJB%2F9LTrmntdFmxzoGrphFBaVcMXgvfCaN24E0U%2FkITt%2FfUzOuas4eywanONPR6b2cUxGafXTMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b8943edee993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/cc00bc90-1e79-4811-0487-eb7c98368200/ 2 KB
3 KB 77ms
74ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/cc00bc90-1e79-4811-0487-eb7c98368200/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1de32368f3a8a421c236ba3adae8574471e368638558b3e690b42bdb3fae1bb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=618+0 c=0+16 v=2023.9.8 l=2278
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2278
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfPYjMc3ysp-aB19rLjgitcXszfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GL7nRkhIXW1z10vR1aQ4sAumJsI01U65SLuBScIEgpA%2Brl0lqV%2FDF1Fua15Ui9GkAwmrg3G2Xe98OwyIHuoB0SFs6KS4SoFNz561RZELPURzYunosp3uU8HonPr2J0buAeVcjAZH1OPGbWwpYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943edf0993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a87e571c-794d-48a1-cd43-3abaf2609100/ 5 KB
5 KB 47ms
45ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a87e571c-794d-48a1-cd43-3abaf2609100/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd461fcc331a7fff33fba6b64c1c161775929aca2a55e230331950932b5b063e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=16+0 c=0+83 v=2023.9.8 l=4670
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4670
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf9nzHa6sgpQkmc27thTYolGoifb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcNXJc9myTfkAuL5ePGpypOeP%2FRjlDDDiuTUomHv2veILWVcUtvDFZ0CTiDVs4zp68zvg7laWOOjo8%2Fap9FJC8EkSgKzrV%2FlYA4tmiSNzTuHXrOnvitcZzkXK%2F%2B8X0UCun9xN1BEIs%2BsnNugSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943edf1993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/389ff349-99ed-445a-6b43-403c1fdec600/ 4 KB
4 KB 44ms
42ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/389ff349-99ed-445a-6b43-403c1fdec600/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed58bb7bb8520520816a84f781c7a80e54ca19829b67984081530acbe891f2ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=17+0 c=0+93 v=2023.9.8 l=4230
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4230
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfp7a7Sd4Nnn9r8_rx3ghSmgazfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z96UHoSJHxBNHt7d4NMdDH0DSnBTJYDyDX9PiObuEAyiwak88JlQru52jQGnwy3tnz6KzG9NXqoX5zpTiK76SnS%2FDr8AGp43tYasyOsvfrCkcJBjXNWPbiGdiT%2BQvocAGAoZvl73wc5vnFaBQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943edf3993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/2c65baf4-edb4-4891-6fb7-f4289244f500/ 4 KB
5 KB 47ms
45ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/2c65baf4-edb4-4891-6fb7-f4289244f500/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b339e5d3e3f996ddf2e5bf60d00bccba0db4aff9a1843f0aed838febd2dde9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=12+0 c=0+85 v=2023.9.8 l=4329
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4329
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf4ifPe2WQNbdHInw64EABjId8fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8rQHOq0bo5d%2FKfXWD6dArctH9oGWC3cPI1dYvaEPsalpTjWvQqMsoi0EPAqADF86Yr9SWrqCHeCKOJhthSqx0RIflwjh9R%2BTc4oyS48zCo31rZJDgbEjfvB1WQYzVFqUkgS8UcNAZIgZjLuLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943edf6993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/d3c45485-b02e-4ccf-7b1a-8f49d47f1c00/ 4 KB
5 KB 41ms
39ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/d3c45485-b02e-4ccf-7b1a-8f49d47f1c00/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1e5e4dcff7d7415badf0a03619960688cf6ae791e4a1d2e208a5a40a42ec0ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=482+0 c=0+51 v=2023.9.8 l=4239
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4239
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfrs-GAmveXKXljxbRjtanG2G7fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAP3tq%2FKjEGgA1jit3PzdADo4SsEU5XIiMLc0rLEHyAsDoLrDnKbhPcarti%2F2K%2BddXNWHeihjghgNjlmzbIOMUksQrjMYM2DJ7j750GtZVgXnnvXYcgs4DUgydy1mlU9w4B%2Bfz6dsY6fdPNazw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943edf7993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/b39bb875-04f9-458b-a648-80e6f30f1c00/ 5 KB
5 KB 70ms
69ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/b39bb875-04f9-458b-a648-80e6f30f1c00/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdc1765e2b1b48df50283edf3f46dcfbe879fe3c18a70785646d293d15c279d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=22+0 c=0+97 v=2023.9.8 l=5166
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5166
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfvHqU4VfpJY1x3Q534mwRx3EGfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p85ODTq7e0fqCkLelHL6EZqt8E%2Fn5gL9rO%2BkX7xAHqpUwFfaf0mR4lFn4Dgc8me0mBx7Be9h83tHVhRyfZEeJZnz16RwFK8flUam46sEEz6KRVKocfO3YIhkxvdsndL8N7JKWbcCu7yBywiGPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943edf8993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/b16a85bf-af3c-4698-c3e3-638a5b812800/ 6 KB
6 KB 41ms
41ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/b16a85bf-af3c-4698-c3e3-638a5b812800/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9708e4281c038660be5220074a607d5e7921b1e9edd5262a0c1ffe143d5bac49

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=667+0 c=0+70 v=2023.9.8 l=6231
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6231
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf9oYYnkUK-mgtqkhQRsjK3s3ffb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfYXHiuBtRbubACX1Ztkr8S3M%2BE6THFPQKP5qEKPd1lmKf4fT4mADBFUBzMY9dk4ilMrP6ULSXs92%2F4DvQjniE6Eq%2BcGhjb1q%2Fs87d7SUZ8VnZFUr3c9PVtpGMFVZkp5i%2F%2BA%2FOLoeGB1I0iPlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943edfa993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/f2337509-5789-44a2-30ef-0203296d2200/ 6 KB
7 KB 42ms
42ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/f2337509-5789-44a2-30ef-0203296d2200/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385fc7633695226e8646fda0d754a0c3a818f70ead68917a6c9940985c161d74

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=523+0 c=0+77 v=2023.9.8 l=6300
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6300
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfpJOkcNqLl2k2KDewJBUYy2cyfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w062CalHKKPc2%2F5QJyJxJU3JabACJqlKu5rJzvbLHnmn6wq1ZFkNRC3c2rbjOeNTXcKwanWvdlXlc7ZNxTQIfB8SpE4%2F9PKm0wXjrL1OttEdaAHhzyAq5ZhpIToKg1xF5g40qFheRKuPdyGWWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943fdfc993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a943d19b-4e9b-456c-0015-8ef10f1a9800/ 6 KB
7 KB 40ms
40ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a943d19b-4e9b-456c-0015-8ef10f1a9800/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d819c0bc704a4ff73385b72bc752a7e8ee5795b52f60b2655fa795ddc5cf1aeb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=18+0 c=1+69 v=2023.9.8 l=6268
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6268
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfO9f1tzhZ7lKaKEwTu3UU8roPfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN5Mcs03VFauPKIchnYwbMfFfZvmLrweelVZzX%2FEoibeL9P8116hNrnA3teWPzb2bAyM0xw7NJOeEBwpXoVo1KFQVyLmYtpswldWhOzi735iTZFj2G%2BlQUHOD0xHfDSgq%2Fvcr9HnmKhPomDYNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943fe05993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a536dd26-bca6-4412-d0fd-4f510c256500/ 6 KB
6 KB 39ms
38ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a536dd26-bca6-4412-d0fd-4f510c256500/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78aa433226a89fed81acef7f7af34ff1e8b85de259cb3e9a2554f226c9910c53

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=16+0 c=0+69 v=2023.9.8 l=6065
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6065
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfKotYDrygM_qwDxZqYsCGdvqzfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLNs8Echv0uR6mXtM3I1uX2mi2hCkvtUgZr6vPjTBDhsLy18fVyUjvOF%2F14aTXU1Spb3ZroQlqb%2BCC%2BByEl3RbK3%2FS%2FV6dnnqq%2BLNzjTGeG%2BeqcnYsDP%2BB4HUDvc0RSqfBURW7BHWp%2BAp1HE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943fe06993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/853690ed-3a0c-43e7-0f07-05bb3c8f6800/ 6 KB
6 KB 45ms
44ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/853690ed-3a0c-43e7-0f07-05bb3c8f6800/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca1932d9f3a83ad174371e5d45733483a35823fe065731f7c60c91e583544c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=20+0 c=1+44 v=2023.9.8 l=5810
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 5810
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfh1XlHqAzaWZym2Z18cI9tcB7fb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3MX%2FGzMIu8PipdGTuSEIERBCVgjhwJE2HGWlDxCf6vrea9vZgBD0XVzM9dhrpfFtggAtRnC%2B4q2TixaX2tMAvjpaCnt7bLAUtzXcQvfbaSPVHzIeIwdE%2B7gqSrBbK1XanoQYWxFR20NQ3tqxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943fe07993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a31a576f-4574-4ece-5071-a84128328200/ 7 KB
7 KB 42ms
42ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/a31a576f-4574-4ece-5071-a84128328200/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb0da268001c934c3d0a9cbdff6b40d52d12e5fe7524f257a6f612bed009ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=19+0 c=1+63 v=2023.9.8 l=7106
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7106
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfa62fiI4Zu7bs3lFctq3jyggvfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g21hFByltFPlM2NkCS%2FoSiGSRpfHB0ricIfCyoHwYV%2BZ5%2F72XreTHivAC90uH8gOqGxXEcB53AEUXQV8n0Whn8fwZTJIWqNMf%2Fv0xJe9sa1v7CiR%2FB0b8AKoruL8I8c0LD%2BzJjtXX%2FWfuxtmeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943fe09993f-FRA

GET
H2 200 public
kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/e040c6b5-e25f-437e-3f04-726a16530e00/ 9 KB
9 KB 41ms
41ms Image
image/avif 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kawaiiface.net/cdn-cgi/imagedelivery/YWI-ryKPo8AnASwQOQ5xpg/e040c6b5-e25f-437e-3f04-726a16530e00/public

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e14ecaed723b316d6d9cc6f0e9d81bc4183fe4d8e8465c1ce0da9a9ad3a5bb15

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=978+0 c=0+71 v=2023.9.8 l=8771
date: Wed, 20 Dec 2023 23:06:30 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8771
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfHOd1ZqaRwLjR86jxvyRF_oWCfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jxHTt2Zw40H63vPgT5b9juxWwSPgMtjNCkOrh3v0HcAQ9phOGB3whkzJMuD6glfahmmThYZoMRB0ck86b%2BAMaPE%2Bh4JohRoxmdxT%2BxTW3UM6OuXB52E%2BAsJPgkeuvyXZnPUHcz2zxiswt4puQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 838b8943fe0a993f-FRA

GET
H3 200 rocket-loader.min.js Show response
kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a432-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoBk8dBzyen2uvzPOFcZ8aS3dAAZTAyG2merhkZSCSI639ax%2FXTM7aJ4u%2BKgxl145ezwb8Ja89TaQ8YLL30BJSJiLvJdbOQOtLtYHj8jILGksvlptoBGecWqZDzBosKNXdOgZAaYZs%2FKhN1pUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 838b89440ee75d92-FRA
expires: Fri, 22 Dec 2023 23:06:30 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 72ms
38ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: kawaiiface.net
URL: https://kawaiiface.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://kawaiiface.net/
Origin: https://kawaiiface.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 838b89444f9465c6-FRA

GET
H3 200 BubblerOne-Regular.ttf
kawaiiface.net/assets/fonts/ 29 KB
15 KB 62ms
62ms Font
font/ttf 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/fonts/BubblerOne-Regular.ttf

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/assets/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43130dbcaf2c7630ccbb426e95fbf9deb211bab6527ae36f17cd1fa7d4f270ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kawaiiface.net/assets/css/main.css
Origin: https://kawaiiface.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5917069ec731b240167d9c3cd28ec84d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyZAWHpAB4A%2F%2FJrBOAVqSBoQaGyG39WJgpeowTTQme0F7y3sYgX6%2FM7f%2FpFSfLQkHllPbtWactKgLRnoME8M9SW%2FQCwtqq97SVN4Fbhh2mylohKpGBOTuK8hMkzgquSGTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b89441eed5d92-FRA
priority: u=0,i=?0

GET
H3 200 BubblegumSans-Regular.ttf
kawaiiface.net/assets/fonts/ 36 KB
20 KB 55ms
54ms Font
font/ttf 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/fonts/BubblegumSans-Regular.ttf

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/assets/css/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ec8fe3b1622b9acae28cab44d0ed08ca665408ac6835ea11e7e60977e67d933

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kawaiiface.net/assets/css/main.css
Origin: https://kawaiiface.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d440f440c888487123ab3c36f7704389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DGOiwU8%2F9bmGP%2FntqNrIfKfxFZ2E2rdgqQrCPSYwp01dY%2BmZt8Eu8ZpS6XSSjLg7tORZ1yJrHODXlnS2oU%2BPWzLieuVvxfQMfKYxsvHwZCTKwGEoQ0auHf9exmTbvDSsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b89441ef05d92-FRA
priority: u=0,i=?0

GET
H3 200 homepage.js Show response
kawaiiface.net/assets/js/ 906 B
850 B 66ms
65ms Script
application/javascript 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/js/homepage.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789ebbff9f2fd250f712dac297c1f3342db57d6aa0dd8e514917c50b879a1b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1178
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"fb6e8bad8539c6936aa8182d6fc6d7d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n%2B8z4z3YBBigkWiO8tNW08CSPYFNhJlTuNpuA3h3DG2t4J7fHp%2BdG0Qumka83%2FvpoNakrTrgvdDukhhT%2FNhsRebl468zIhZe02IcU%2BFgldwYvzXcwAK3ePf%2BDPb3iofVd0QXr6zw9uAtBFckg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b89448f645d92-FRA
priority: u=1,i=?0

GET
H3 200 main.js Show response
kawaiiface.net/assets/js/ 3 KB
1 KB 19ms
17ms Script
application/javascript 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/js/main.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be928b7ac0c65042803f2e0b4f8512bf3af08a7e8d274009a2a59c546ad18a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3951
cf-polished: origSize=3615
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"70984546f9ab0bd6055f0bb27458f3f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDbfSOomUNQbikSiPgap2C5U0u2hmLC2l1OsaGazE3%2BJf2ULlss47GLVNKZS5iUQ6za7SUlUepNOdklZjpNO8vMIk6aHwycW9WZ%2BkWxsleUVb5CZfdbxOYcIgwpWgTuysE4gnsyLeyxPukSOJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b89448f665d92-FRA
priority: u=1,i=?0

GET
H3 200 tippy.min.js Show response
kawaiiface.net/assets/js/ 25 KB
9 KB 20ms
19ms Script
application/javascript 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/js/tippy.min.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f69591039556db35165093addc94fc0dae33171425b07831b20bd8d4d8b4c2dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3951
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e98efdceed329e357924bf98a5576f0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxqsdKX7uzc6rblBRwtqI5wUufLpcIKSG9xeA4zpkX0l4RIVNkxDFHZSeufiaphJuk1xkfG0PscKo0QAiQTAzor1d%2Fza%2FxuXQexGU0f71%2FDcuhPis9IWiKxeT3EZUL5quL8RHwSSzK8l0SEDaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b89448f675d92-FRA
priority: u=1,i=?0

GET
H3 200 popper.min.js Show response
kawaiiface.net/assets/js/ 20 KB
8 KB 34ms
33ms Script
application/javascript 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/js/popper.min.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f479bebb230a527888047b4ed8441a06719008ffed1edf32613e496d0e659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3951
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7ad7f129f019486d7fad3e2d7c908a82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=894D%2F1mZOB0oJuMAX%2FkOIHxiuzu5pCISnXcm4m4%2FZbp3WKVb5G8bxo6mYfRBV3nb8UbjuUn%2FCYsBNW4oERrO77vCZXnZgt1VoKS1TCPm0RQWrzYCO2CPOqh1N%2Bj9n7if6q7G0W6K0JzxbB7HSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b89448f685d92-FRA
priority: u=1,i=?0

GET
H3 200 clipboard.min.js Show response
kawaiiface.net/assets/js/ 9 KB
4 KB 22ms
21ms Script
application/javascript 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/assets/js/clipboard.min.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4665897d24262102f74da3cd51341eab7682fc247c26b953d56c928ae2596763

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3951
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"46516a6ab7e7733ad7d387f1e2c86945"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmoXOeCxaasl9z%2F7JKIRvxPL7NT4yS2QXAz3TFpdiVqfkughU8OL3YBjM%2BD597QqVJf6T7Kl0BBEkefRz870qDrQmXKM7n%2FDvy%2FrP4M5dwLSjQbqnVkgftUq2fSLcCrV6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800, must-revalidate
cf-ray: 838b89448f6a5d92-FRA
priority: u=1,i=?0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 106ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9071029697740471

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29d669804041c00f67b004492b54a6e63f713d69a4b8db0d0d602accd3f3ad9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Origin: https://kawaiiface.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51446
x-xss-protection: 0
server: cafe
etag: 2630845279799351163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:30 GMT

GET
H2 404 dbwlmbag.js
emoji.kawaiiface.net/ 0
0 481ms
153ms Script
text/plain 104.198.8.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://emoji.kawaiiface.net/dbwlmbag.js?id=GTM-WMXH2H9
Requested by: Host: kawaiiface.net
URL: https://kawaiiface.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.198.8.50 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 50.8.198.104.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H3 204 rum Show response
kawaiiface.net/cdn-cgi/ 0
140 B 11ms
10ms XHR
text/plain 2606:4700:3035::ac43:9a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kawaiiface.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9a62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kawaiiface.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://kawaiiface.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 838b89450fbd5d92-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 127ms
75ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9071029697740471&plah=kawaiiface.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9071029697740471

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f976bb29d4335f15d4742772acce1860b5e03a2ba9d83909341058e704c572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137967
x-xss-protection: 0
server: cafe
etag: 3198517683066505939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame A4AD 9 KB
4 KB 83ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9071029697740471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BB5 340 KB
81 KB 774ms
773ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&adk=1812271804&adf=3025194257&lmt=1703113590&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590633&bpp=4&bdt=250&idt=288&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=145909187997&frm=20&pv=2&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9071029697740471&plah=kawaiiface.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41ca602fd5a09fc9d901eae7f1fc7837609b435af5ece01d596b818d2e6b2f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 83024
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
62ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40065ccff24c7e61e9a37f5cf2e986546b9e9cdbc0266a7ebbca11176011a148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12398
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B843 27 KB
11 KB 488ms
488ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8582db746e426d5b847aba222ae90b4a7605723b27c5126d673ab0d54116de47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11247
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BFDE 27 KB
11 KB 446ms
445ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

778a3e2cb9eaefbcb6ab18774e9b0e645cf560118aad705edf824dabbbd83757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA1B 133 KB
43 KB 417ms
415ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=4220680257&adf=2125422327&pi=t.ma~as.8496643944&w=1200&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=1200x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=319&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=322

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eb15cd5482cda6b6beba00836774d07338647cafe8ddc52da9304c9131fc464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43379
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 800E 724 B
382 B 247ms
247ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=903662724&adf=3132389021&pi=t.ma~as.8496643944&w=1200&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=1200x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590643&bpp=1&bdt=261&idt=326&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280%2C350x280%2C1200x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=329

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17fb72713b443fa9c0f0cbc3915188376924f03acfb0cc8da88b6eff4b80c87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 61ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C33 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 19:18:13 GMT
expires: Thu, 19 Dec 2024 19:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1E4A 829 B
1 KB 58ms
22ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf35739e2e7cf01a6d790efff1bde923b96353b8280b2589d327d1c48690a38a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1phYQ-kZ2HDrR-tjSTYcTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1phYQ-kZ2HDrR-tjSTYcTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C33 39 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1E4A 0
0 47ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1913112893402809&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6C33 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GhpMcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DA1B 14 KB
2 KB 80ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=4220680257&adf=2125422327&pi=t.ma~as.8496643944&w=1200&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=1200x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=319&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=871&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 23:05:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DA1B 2 KB
822 B 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DA1B 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DA1B 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DA1B 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA1B 203 KB
65 KB 98ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame DA1B 37 KB
16 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 09:13:33 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/4270467728249758103/ Frame DA1B 19 KB
19 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4270467728249758103/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e9ab35d945f73d2a3aa777486433c178ceff206a883499e57762e37610a4ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 07:25:42 GMT
date: Tue, 19 Dec 2023 07:25:42 GMT
x-content-type-options: nosniff
age: 142849
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19855
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 15:47:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame DA1B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DA1B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FF62 624 B
246 B 58ms
57ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNXn-FrTtuCZkENIhXy9WGHrlEkj96tTUxXN2d-HFv1DyVgtGXeKvfWrgV6eQzdfFjDqZUCMYDiYjM_oMJ_jmFJ4wjA2t8DOZHs9l01YKr-cgum-9NYIKF8mwbDfUYVDSOWkIHq9eUh4OP7brY5wS_SG0cPPQ0-0tN38_CY1fKbHqYBznqM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 53B2 89 KB
31 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H2 200 trace.js Show response
t.mindtake.com/tag/cid/5531K7/ Frame 53B2 1 B
381 B 138ms
32ms Script
text/html 63.32.232.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.mindtake.com/tag/cid/5531K7/trace.js?gdpr=&gdpr_consent=&DMP=10102&BannerFormat=300x250&BannerSujetName=banner_300x250_family-holiday_at-de-ch_pauli-immer-da_winterspass&Misc1=image-familie&Misc2=impressions&CAttrib1=https://kawaiiface.net/&uid=1703113590984365
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.232.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-232-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html
access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Access-Control-Allow-Origin, X-HTTP-Method-Override, Content-Type, Authorization, Accept

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 53B2 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 53B2 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 53B2 203 KB
64 KB 87ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53B2 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dc8TMTYWnxjEc-gEVnc4xoMYwJuy6Ewr3Ucf9F1SrAe60EzzH_mcoviwtJwChURV1X_drJ5RavRKHI4vJeICf6hoMcwCiw-FZctMRYgeSPSRaRapM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6042 624 B
246 B 57ms
56ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNVlisb7uSMocsNXaX198PvGPxkWVHjXxOg51ts5mmcVqiVNzIzEjRT5qzAoHdSqzy5pbCB6UKYpz17cFDbUG3nixxxpvIWJqdFiVXzM_1Csh38q_zIE2pSMLdLso6V6nW_k61w6I_wnd_6zj7pRZerxXKCgxyJaCv0w59QO7Kjhxmcuu4M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Wed, 20 Dec 2023 23:06:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EA26 89 KB
31 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H2 200 trace.js Show response
t.mindtake.com/tag/cid/5531K7/ Frame EA26 1 B
382 B 107ms
32ms Script
text/html 63.32.232.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.mindtake.com/tag/cid/5531K7/trace.js?gdpr=&gdpr_consent=&DMP=10102&BannerFormat=300x250&BannerSujetName=banner_300x250_family-holiday_at-de-ch_pauli-immer-da_winterspass&Misc1=image-familie&Misc2=impressions&CAttrib1=https://kawaiiface.net/&uid=1703113590976009
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.232.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-232-249.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html
access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Access-Control-Allow-Origin, X-HTTP-Method-Override, Content-Type, Authorization, Accept

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EA26 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EA26 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA26 203 KB
64 KB 59ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA26 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2qsPGTaXX4kw_YhZ4Uk9FdEll3DUbWPKrtBuBpcuJfx7JANR_j7BHe0fPq-ImAUdBEPGe05QpOjMmTBTjaSXkzhDthmO-rnsQpWLaoSkpvLpWnTI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DA1B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d12c9a6ed06cd2604aed69429477f3db70f1a9964c578038c612a20e57252a51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FF62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjGxtNQKnQ3cHzvLzMtZMI&google_cver=1

43 B
769 B

19ms
18ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjGxtNQKnQ3cHzvLzMtZMI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNXn-FrTtuCZkENIhXy9WGHrlEkj96tTUxXN2d-HFv1DyVgtGXeKvfWrgV6eQzdfFjDqZUCMYDiYjM_oMJ_jmFJ4wjA2t8DOZHs9l01YKr-cgum-9NYIKF8mwbDfUYVDSOWkIHq9eUh4OP7brY5wS_SG0cPPQ0-0tN38_CY1fKbHqYBznqM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThLigSC44iE29B1ayoJUvvIL3Q2epoFCX4C2kRBRYKaa3efefW7kNVlJhwosfMcm3CiHn8Zjim%2FRQQ3ywTRGGRf%2BzGEHYuxit34lJ0cqsmrNRfB9aNHen5lY4Q%2BDg47%2FHK97O5UBeBXhNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838b894b8ba918d1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECjGxtNQKnQ3cHzvLzMtZMI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FF62
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYNzd9bn4YBgUvI8344AKgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1

43 B
743 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNXn-FrTtuCZkENIhXy9WGHrlEkj96tTUxXN2d-HFv1DyVgtGXeKvfWrgV6eQzdfFjDqZUCMYDiYjM_oMJ_jmFJ4wjA2t8DOZHs9l01YKr-cgum-9NYIKF8mwbDfUYVDSOWkIHq9eUh4OP7brY5wS_SG0cPPQ0-0tN38_CY1fKbHqYBznqM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CImkQ34sc2UHcdJ8%2Bnfy4Npr6K%2FP9Dz2q3kT9HNeeA%2BLft25%2BbW1%2BG84ylcgF9%2BZ%2BqffwBLTKtomnhyqvKjvK4kPylKLVf5%2FEF9VQY8d%2BppWJazs2%2FO1PrNSFOYJVPsjAknMIwG3Mx9qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838b894bcbcc18d1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FF62
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ1ktjcs4hhg7uB_mNkaF8&google_cver=1

43 B
846 B

32ms
30ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ1ktjcs4hhg7uB_mNkaF8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNXn-FrTtuCZkENIhXy9WGHrlEkj96tTUxXN2d-HFv1DyVgtGXeKvfWrgV6eQzdfFjDqZUCMYDiYjM_oMJ_jmFJ4wjA2t8DOZHs9l01YKr-cgum-9NYIKF8mwbDfUYVDSOWkIHq9eUh4OP7brY5wS_SG0cPPQ0-0tN38_CY1fKbHqYBznqM

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
an-x-request-uuid: eb36fd96-9cd6-493e-a1a2-24763fd923b1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ1ktjcs4hhg7uB_mNkaF8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF62
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D

170 B
188 B

27ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
an-x-request-uuid: 6bc57dd6-42e2-4b31-aa6c-427532d70dd7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6042
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1

43 B
742 B

21ms
20ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNVlisb7uSMocsNXaX198PvGPxkWVHjXxOg51ts5mmcVqiVNzIzEjRT5qzAoHdSqzy5pbCB6UKYpz17cFDbUG3nixxxpvIWJqdFiVXzM_1Csh38q_zIE2pSMLdLso6V6nW_k61w6I_wnd_6zj7pRZerxXKCgxyJaCv0w59QO7Kjhxmcuu4M
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BDaDN%2BPu%2FdVtF60%2F08VE7Q4tjWwKsxDniDnxX1%2B6bljr3mEBkrgtMxLT6%2BKL7BW5%2B%2Fk5oRe4Ou7dDffldxlOK7fUvn46hATPjAKoGkcUKmZOwgFuHQpwC%2BndFlf3czdbYAQfzD%2FpU8soQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838b894b8bab18d1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6042
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYNzd9bn4YBgUvI8344AKgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1

43 B
731 B

18ms
17ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNVlisb7uSMocsNXaX198PvGPxkWVHjXxOg51ts5mmcVqiVNzIzEjRT5qzAoHdSqzy5pbCB6UKYpz17cFDbUG3nixxxpvIWJqdFiVXzM_1Csh38q_zIE2pSMLdLso6V6nW_k61w6I_wnd_6zj7pRZerxXKCgxyJaCv0w59QO7Kjhxmcuu4M
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bow6rK3UTI3TGmSRkhmqYlMVBP3P0ply2CANmN7Wgu7A3QSFP0HSBomtMrp2VGksr0orlP5mvpRmW1HemNFIdu9Mb0IanL5x%2BoUvVR32UirtvfHludVc2AckDkY2vWj9fPsKtMzV0ph%2FRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838b894bcbcb18d1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENlakE23jl7trtHoAa7w0N8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6042
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAxjl9BFbe3fZet4sFtXr6o&google_cver=1

43 B
1 KB

20ms
18ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAxjl9BFbe3fZet4sFtXr6o&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIu11fsBMAE&v=APEucNVlisb7uSMocsNXaX198PvGPxkWVHjXxOg51ts5mmcVqiVNzIzEjRT5qzAoHdSqzy5pbCB6UKYpz17cFDbUG3nixxxpvIWJqdFiVXzM_1Csh38q_zIE2pSMLdLso6V6nW_k61w6I_wnd_6zj7pRZerxXKCgxyJaCv0w59QO7Kjhxmcuu4M

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
an-x-request-uuid: c4e7ffcf-f57f-43ad-a3b9-50073cfcacf2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAxjl9BFbe3fZet4sFtXr6o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6042
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D

170 B
188 B

27ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
an-x-request-uuid: 23f54807-b6e2-451e-bff3-1d24522a667d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkzMjUzNTc5ODI0NDk4NDk2Ng%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DA1B 33 KB
34 KB 59ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 7480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:01:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53B2 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6716118445158&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53B2 0
20 B 51ms
50ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6716118445158&version=m202309260101&ct=119&x=1&cor=16226733627556910000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 53B2 91 KB
38 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D53P3zMmozkOVyAyHN0tGmGikp9ocYMV2CPGLwfObTN_GJ3fhK4LNPNKV4ulATcwn_W_SzJG2-cZPIaNcIolUdDM3ERL7HdJqphli0lZeJMPhD-OSe90EPmZa2elbK0dBFdk-P95uUyFlBF-BOeqdzA_UPIZh3Ec_MOWZ5FnVmWCPskE7EFgA8_01mKHbFkRR9cYn7&cry=1&dbm_d=AKAmf-D6oauCyk5LWS_vHJrJT2ctqiKjdL6kFZjG2IFQUTYQCIrHPJCBNNaYgS1Y66F9B29OKFzwrEbIygZyXVKThCygvRb-p1zJvDRBXfmXXO3o3AGHZC0vM9qhLslyxjy4L4M-KvzYPd863C7e0z5nA8FcyBeA1tUa1p49V7Fb25ht81kWfIGzQMtc1obxZISVve1Qe4mETzJvgw_w4dwso9dK0yLRzel2zea8O0MJcm19iGg65gYycUXbq2MDfV3rSYxxNFBmIC_BpN6EBcVeNRPcMjUtXIEY12kdiBm_e0c-eG8ceJE_HVZKeXnFHgsQ_kwvXutyBMMnqmOH-9gwrVQnhDAawQWDn8iPXJVYcHk6F-5bBEqaTGHAQ18kWIPfrgJS5ICqu7XSezo5E1ZhpsE4rzvkbn1wcyVedz5_KdAIl-TbYKWPBC5uAmOew5H2OfZeosCPRWzELUkd0rnp1WpyvgMewqBk0Gkh17uUlljUd-LD3iWSZEsI-D6MNBk8WOLEzzVMRJf7a17db4GoDATeCfd3iPzrOmNY8PjkgqALfxRQ_NxzGv1PT3xgyPuhaFncUsjPUyO6-wPOXO1XGUpWHTR9uKXy_C-rI8UbsYoRD2ZPPVX7T9jDLCOHQ43T0QevBUQRH99Ar0hdSL0-A6Rrp8fft3hOp3xh1MfWiQqK-frrmK3upCTZMg9x7hG5i0OJ35jRTvFVvfEJ_EHyM7But4pnSIsne0V__OwFFi7z4gqoGVS0uoOzO-ZNRibvfO--Rn0X3KbyiuhduV9JcPMLbWI5jzLCXMdLfTkQEcWT-tW4kV4ogWxotDUlAV1pvMoaNIbVDU38vrQAg0uLb3m4-a7vQDp4t6xFvZk-MsvbedWn1bnp2maBd9szaGgKZUyPUfMXX_nJVRVuLvJVOI6-EpJxcy1JmMrb7Er-uc9aUWvjYuAlCVzTESWC_Es7M4AHbabhSgNW8QGWYVOUGcavpe9UirLFS9nPczJMCL75GCaqnj4-0Sul8MBQwL6XhPYF--bgtY3oVBpE6HK7YY8Cy4iBNBJOBU1bP6ofjRHEzUaXok80No2rPGJGlG5IQRs84yBX0BPjlxZxeGWY7TTHBcfbrKP4rRip-MXVhzr6b0c2QNzuCEJ_ln2i0OkHlticbjAIVRDDuKd4QkizCuunBRVhHGgY2REFkBGiFMkCSZmQSLksCWfID0QlgX01nwGFd14FdzRrm-U41pyLFzMdHppio2U_t81sMcR_5Kdcj9b_vKdMeaU7pfksboAgeYtTZchGPhRnWOCdCM1usKj_xJJ71Qg6B58ge8m4ymDI-lwmo3vmTrZkykakMhp5OTqXzkijqJ8z8sN64A6ra3U0eVAHxRHYdIWDqqeFaVQneig7bu-sP0lB9UknFsfaFw4o6g6yNQmWnv3bDjElVcjRS7nWpvYhwSDXQHGsmlVupm1-RBdYLrucxa39tJNliN291VxP52RGBNd6GcZVOaGYxIbX9Jzbz6eYZaIvnwA-cZbnxSIisbMLE7IjEXjAZZYoaYaykOppLJ0CLbZvd-fHpJDA62SnnfY0MZOzdL9oTXgZRHMZcbY9io4rmc_K_QT9ku7vF0s4LUbHEgoUEyp95bRRityWt0L4addOAaipj8p7bBthWF-G21w1FJkR698gx93FPdSaCoTbiNeXZ69Shqik86Xt3DJhIDfXNm03GGSmtve1Wqn8xD1YXBzzFFBryvllOBJ_nBJHZ7g_ihGq1V--iVDQm1cl7Wzb_uNwCUM1ncijbko8o3kSJ8n-RElBKAmZYGpRBvSOjAvcEemZ7rep-2lW8fL3f8db1emvDMwdM_7w958UPI9lBUN81BjyTKrUOZ2aZcrR86A91CUDMUo8asT_zBRSJ5ZV0kGsRwe8HZHZTRiovxNTXOZJMaIZ9V2qRyUkKzvrQ-84KS1o1ekqLgMmT4LqLbRqVmYctGNvgcY6a61Js425lrZtGaYnKLcNvbweKwLLwqXOIOEYWZLCCNgRArIHngtdaFRPRV22TU0NdH7DgZaY5WuyImlVJ_dv8wvQ-OlXcYVogEobaUrbP39wyzHJ4fT9QapdhNB2fAb1ZEnG42sBTiNNPAbvpEnqheMxH-EKZx-S4bvq6ITHFH2uiy3DmMPyrMX8tjCp9OvnNok_b__l1yHdmqzMulPEw5et0d3SoRCXw1TYkP2PBl6q0TFMPnCeh-ATqzJvR0BjOyHH_Ck7gwuSVE1qS7cchHn1jSQUb0sMqhTZEXkrCphvEV2bmQslBzPSqaTABoile4u_xb6M6-XD8E_jXBctLrKDIf2Ahoc2VGbb_JuLsp0HXhIA6Ih8G7wSl2a6TuLpVIKjD7eFwS6FX-0wg4uDU8_xJTH_IqWuAXSdlKLT6RREb_6OoLRNnPuZHsfjuIglNaQ-JwVcQkCDoZAFj5mBqRYHv0LCieMW92osZDt4gC395IU9wFJjB2k4DQa4I1XFl3BdFAcc0IcFCYSmyp-UqFEL8Uk7r_ZAQlYyy79dgvo8-hN8FrVG2xanyM3R1BTSZKSSd_2JwThjo0QNdLM3pc3P6iS8ThlOgPUbh-jjBucwbdjLRa4y7ClCtvzdTfci0JvrigUNJiZt0L48Kw03G7rC16uCnm5DVl0exbd8VqgKDp04-eJrv-VLauNGgD6zlgyYptBL6zlHT3Ilr2YzUybeeTPiR3owbCFyFKhIgxf0ADDYPzg8Y_qKxg6PkdYZ2XBv2G5MDATyFcnlNldlGarD0CVvsLDYoRo70-Ku4ps-Hs_ZZ8FNeRJ-bTK161lr2DbRSO_-VjlyIrMwB9hFJExKMnD03XPn6Tm_YsBDbVxaI_HrWmYRVsiy2ASbi-3wvJawU9z-2ymmLdSTn_LiU5N3gtsm-03a04G41nk2ovOMjDNi0wcghk9vDO4yTf6cUsm9Rp2e32B7yp5MFddJnS0dWeMVzZ9uLsxGdXslVAoZlMd5BYn-uF-guQM0F8OrSlVQ592A8wnlxnaE6ZcSbrib5xV8x22lLriv7XJtrjenxlHj29hp2VnFY9BumTYKfX9Rpv2DMlhA8iU_YAdtnNEgD_D88Ee0LZU2Ic3EITAhmiWla0Fr4hsC7ZXbNbotIefWJMyaxAM2WnF3mqDrZu34UCfXfKO0hdFK-VbJ1ZgKSeaNB4xXLxmW-IcvfYsDbWERInuxDJuV1zn7LCEghy2G4LaW1LvCRNU87dbccPesf5BC-pPNomZ2B4qIArt9-a5jzFxCY_IOkf699E6Jy8TsUCQVH1qUvwgbWBNRcKSQ0PeM5FsZaF9B62b1bnk7VTw1PesYIZyohSln-oTX1l5tzyw93rInTRQm-wM4lyNTIO34k_qORIL8UPXe4gVVqfBKKUCfXwAY2UutPSxsBci9z0cbS-oowMAbUS81lz5TFQJWO_NiUv1QGGed3BEJVzjR-ZxaFbFsTkGtst36JUmq0rwnN-ur70MTpyJRFKoTYi76QAAqucgB6m2A50NGIYuBabEXby7p6UcGO0tYiIEfaLgp0DkRmSatqErB0iCWUQbDHOxV5mPfRC1yc5jvBBtbzxPrxAJBTfjnvUI6KoDxOI7i0xev-TG-ceCJaxiiaBylGTpk8bYyvfj9SVlmKyHI_OvAE2NWoBSf0aLkOjgaqKzoZ-UAdeA5M0RhBoVS3x3eDygIctFJFzVl_PF2jOIJVHPsVAzFRuaRRC6l-z572DR-off2yWwj0J_Tu0yCheFs3J0xcsjDHUBLuI1huziedwVOdftI-dDW02_snR1mIy6P6YrLIE1yqRMUGuskCupvDUjyPRoFuYy4_UEwwOx7UEGhJ8jrccG6k4gWicb5XHT_6PEzKYu9CC-0xwdIsqIQ96eC-G_PxYxLaDw2erjoU_W3pHoPJ4OiBX1dnCbweHHfltV5abGJtVSkH-fI6SLbjkFqfnfM0OUorp_YlbNtOYWP_O37eCF4RMDbSsu0CF-_BLt1WgP5luzSixudHWaX6eNcN6UfxL0RtmcwukIUURxUZqW0r-1vSn6zooLq6bCq4IkfCa4Ju8R_3U-dxIW00h7Aq9wQ1yfFBMNG-dGX-nFWo6cSiniG5yUgywVzqVPeiOW0lxwJLoQa8umPDXCGFsPgs5mLfplqymOvE1lumLCCjUt66zTtcQsPFic3d9Y82RmLJ88iNy5AZA&cid=CAQSTwAvHhf_nigH4lKQLD-VfKDneLWvzzjEY2DW_gr5NIbj7N8A15d9byiGtY7wpQ37pKkdWaMhBSd6Kw9uUTGjLlHTzmSeHpQsHH1_fNgXKsgYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkawaiiface.net%2F&ds=l&xdt=1&iif=1&cor=16226733627556910000&adk=497053792&idt=104&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4adac5edf4a16a5c9e143e81d0e5ea5cc063059f1f1c879536d00edc218e7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=468252783&adf=2060785637&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590642&bpp=1&bdt=259&idt=315&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C350x280&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=317
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38821
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA26 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4372937570194&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA26 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4372937570194&version=m202309260101&ct=119&x=1&cor=3481342732771152000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EA26 92 KB
38 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoxAZhaczBcmSW5m9RG_CX1mxKCf6JHjl7l6Opb5FJlb0dGqf53SaFBZ3TiFvYyUcd2mxma4LVUXo6Kfp5eACP1sy4S9hKErMhx4w7NkOTHlrMUCSdUvEBLBdX8-cCMTmNoLwchvhJ_7h-cUvha1G7de7L-ohudQyFKAY-NXORs5vcOiyY3BCw5HpztmWxkGlj87xI&cry=1&dbm_d=AKAmf-CyNFA3jMJ_Of4g04c3Qd2DMqwyKY4FADWMxx-jDJ4i6SbKreVWTnFMNhko3FqvCry2lJG4Cn2OSYwFu2sLpMecQmdW3o2-fUTK9p91ffE6KdTHZF0_jXbad1y1Y_quvaN6Lrj9kRMSx8UDjL3gaXAbue3yZzIMi8DrSmoUQkwqQhfclIR2TkqlFg1_rHaHioobh6Nto6l5l2VBJ2H8U4M9SCp5XZ43OvplqXtbAc5-5m44DfSfqHA3CYYyD1s_m95NrSvePK5OM2V1ajusKeYUP6wpN7VD51x3R7mOJ3NpI96YERHyxlBi0nMEcRhA1HaAYmO1HwAXn9sylmrJGbXhoPKFEonAhLNU1n2-7DSJpZUMjNeXlHkx3Cpedj38s0Xvi5qD0UQ2gjS5sPAmlS-SzWopnO0OgMo6gnQH7xT3i_mF5DSM55fewq7zJr5K0T_b9mB62l9HTqMKe7pfsWm1dWONCYZ7zNGDHjSzKl3EM_jlN_5YACUlocIUaIXdpWBgs0u4fis3NU8ekq2MAaoEM2dH8RVPQ5QqDSySupB3jfyxNGkzjUsFzvOz9flavvr_TBL2Y2N2GMsMQr1oTmJmR1VXCnJom41S1r6lbkoDzVVmnZcmlRg9YwGMh2YSxMQTZL81XZ5kaX-pKMA6I5v4_cmp8DlgcCVOAPP3IWZ8pwOEwqPuuOUzMiDjQ5p4VnWWPjQJEv0fZNh707Jsk55BrATxc4kBTAS8TQVPENZ-LEmtdKTUvZfza57wDEcHMhHViQotABPbdNs60hw5fGUjpBFFIr_XYY3Iw0j1hxoA6NsRz0jOX222O8Os4rrRYNwjf_msiCQGpThZK_bHgU7-UfM2wxmvqXTQZOJhQuItiPvXhC6n5-mCFi38c-8Sof6locLOF2M-hPZhsta7MI4N1odqXdOAgXp5Fzw4RvWqmHYlpyfQWtuS4V-m5R0eMOX0DmiXordVuTHZkyU4dXvBuNB1EHMrD4ImAywuhChFTMdRdhWYdhAzbjuREA22JycwwrGqvFmDKcAgNvb6n32N9oXAn7SEJ8BfMZHDIqPXEXlu7sCrdROtfnQE4MPIVSW_zJ2g77TKvDrnlEPr5mLP5iBmlNE8iK1CDRI8Na8AeXAR4LnZSpkrwHMIDM9eSGft3kUowgi5sBU2f7pivP5tpkVAFR7S5MghPH4hyHDs9gDIK_xTaefpbnG04dEgQUhLDWlU9GAxzZIhWXnNysmlNlrjV-YCIyHL4lP5Qk6G5nGLiSI-ze7V-dB9ICrttFrSldN-it2gCZ7cYeFIe-A1y-P9ZwWYnXkflLNVao5bf0rRvIDwbf33uo3eIQFJoWt0R6P4hB4qCLlBshBLeMUY5SI0cdgt8Iuy1lHlN1fuQmQ-YX5NbIw5tCwSG8gIh5JwU4tSIKppXpvQ_iHXKGFYZJJejdNo-cnRBAuo4CIZp-znW7XFENc3qYMP18WGqgekRU6tHf2feNEXMemWHHqRiAqzNQZT4Uhl9jLrwJdgWBHP4wKteqq2loJTthobHhUJZbQlKl-4T5yaSj84DgeAJEB_V7Uedtrxh85WZF7FT3qDCObSPL6LifjnTC5I7mc5wIsJRuHqTLDDB9joD_TrfX_Bra3GNlRZvJIJvyC9xVD9aRdjOr6Kl8MmeMAVbJgRFCMD-tRHsHkva_BYOXeRiiysc8Ke129JuwZSsuY1GfpUyguBrVysBQ7qVyPqh8ENht0n3uSeTB9aAZMluEztOoZ1H2Glt-ZcbDsVGaU66iRJ8_74YTUOhz9xqo9W2WaEXJR-fpzGOleIpN9tLgYicu3Eop-qzgTncYePQWI6q0z0RK4xpLBv9GCYKdqeeJZidyutApBsz-NF2zIXCHmUfk5ILS2nb7Z-kkp_tMvuFhpZaSS1AHQKUYNKbQro5mSLV4rYCGz0e-Uk0ufOCCYFC2Srtr6--71LvN0mrRrns30hRShzAGZG_e90QNZ1NwRtltSrR2DuG9W936u8BeChE3w5ZgTtdc_6Kd6YzxVxOlyO_4Wjd8007y3FVIBFw_MzaXazJihw2Wa2BCDZ1AXt4PsnwqyPnUAma6lbcWufg38ZlMvDMVilIctefF9hN18nC3szDKbG6Uo5W0mOGsnt6JL2jOoUE0l1BaTgkGowX2FliGJlwCfMmFUKGLdk1JMOv4e7A0T4kRff07alEGoPdlH9BaIN4WP238ikanMfu7OppFQPbvfZhLuUhe-7_2HsAXKLG6NyHZV3WrlPV8YUzpUkg_VTiPCzTDGoLWUXlDvpitBKCLZAVO5GkN_0Yewa0UDsegS4jkQfZdhlrb5RMc_sT0EV_pm3U86VA7746ZTJwUvgJu_rqTYATH4-cnaEp_oqN4btBYkIaUOkLK2wCuyVmpvrQeuOt3U-oObIqIhCViShwJwhAtmltzIFREV9RelxRKEO7-l50sRvHTR9YpQ-CGykx1P2lsaeJyPgHc_QAd7vevRFLMCjWnKQJnFSuH9jSQCHhP4F8Nb7XHPAhixDV6uBG-D4M5lU2qTaETvlQMCdaufXrMzce23Who6YHJmuvd2gyR3VRRLniwlPDSGlL-CzjpK_ElhP3EPOn0DJrWZekZbyMhUhlR5c1nG-mJxjX3fJoMUznl2kW8XKDEYcE3B0ieIxXsbL5UKTWx9yCgtFkRAW1tOJ1QxIQLBJw8sq15aBBkmmILCLHDNoPUHx_FxQu3VwhvYjIg5Keb08kAU85BOVqUiQp7jszFuzdj-cNBUzkwD_4zb-vlLPInyCDZR9zMjaW8rcL_OiFBB0RXEMsReWflu5r_zxqqIMTKzDW0R_m_2PeF1mDf_hZ5A761WtE_AwthSjw9AalEKF2_AYK08AbWt1DH7KCGNobTIJ98ahO07E1873uiFiHT12ICbKVMNH6_16dgYo_OcinOPy8P8S2hWOn7_3qdzNTUpOm3g92hRerQO9FwgesSiZJDyeuds4V2YQa2lJWW47kso42ARRFYsZbQclwrobCARUPIQsPpkZ_pJGMfkTl_i8u7ScqGBzIyG4-GplHnIgDICyYQ87H300FUQORN6tBjtiH3VCDke1n5a-lqbjTtabavabePciGbUuxxkTq-hD9NLe8CQkoq2ulHx8MTDQuc9LHgwAPrtWiZkg0mFwe2_ahwv__Uib7Kp0ZAa26vHjtFj8GmnLADNQn48NOOZIXzxvmp0jSp-x6GY1EPVwzZJyBVsiXmZPziPTen7wj5vAOFX3Eq0epZqmYcSY9eMLV22fCe5RRkNwv1QKEOoA90asR_s3VGwKvyyd3cmgdcBNFl7jUfP0lMtT6qszjg3KwfkGzea0FG_6pcaPbU1NvOUPnhULt12cDA9N6CedoJeDJFZDrA7EoRe6j44Ns7sk46V2ZiecEpz43S_QN7mJZxL29EDgZRAXfkOcKBawUdqkNgeCbu6RIBtSnv0HeBVeqwA9tX_GUeeMqCmjN3Xm3uifr90NHPPWri9QtKD2xuIrVjGe_vtIpGs5o1Qilw5wDjbBzlBpEx7EP3S2f_abmujIUoyObsqU-QvxHNxZMji-HZZTmbZ_DVahJKVa8RcJJy4zrUDmqvWQwgvwwjtHumwf-yHfGi-ktv4INGkPuGyXZjw4uAJBM7nXAAS3pjDlNdNdFZIgXt2bVcCW-1wW8cq267NUFNJa4w0ya5hj9QQ_5UeV16yPHGl8KdR1rfotTrncKB---CrTFfRlgKXydu1AZobga-DsV2JXMmJkt5074mpkrFIrEft3K1ctzHgPmKDYTTcinOaigREd1nkfm7N1XmY9nPAFc11QdDFMW0n41o5vrgzeNPP2V0hUAd5kHeHoQk3QomYyKE5_Fn9hK4pAD7fKaCGT2bLXvQy8mDvpfRFqHMnOgcaA_lv5xbPCUGY452DrN3eeNvpZn3VScQlwDkhxcZ_O79pkI8L-HbL7ktnKyHbcjgF2nDQ7DwW0DWZSwNP-Z-p1iwegdHPhAo6qaA-0HQ_E6XWftMkLcvA2VGW2bYj5gq3mzEqscKT8Sj19IxSxvMRIF8eQMRvqtxUkuCipogwdPhmDt8d1eGNaPd4aiI0qVXD3iKVUbrRo9W26d4z6_jL0KBwp_bVe6nKzOIIZEY-xDALigFa9mNOe-foijBxdd-HlMB8-5AVETy8yoX34_LwVDKBF-8RvRTcXXyzluqCGxHVEPKj5y4fZs0k&cid=CAQSTwAvHhf_O3k3BSqq8TOOz_A9c6IDOjNGYrQPtXCjeryhxQl--vY4LmzWkDpmSkhOC_1I5k0yHIRH39hMlztXU0NSNKzrZldYv5JCos7AT0IYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkawaiiface.net%2F&ds=l&xdt=1&iif=1&cor=3481342732771152000&adk=2124396031&idt=116&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c78fe8394790ed36c8d30caaeb8fa5bf5db3d152dda2a80039256cfcdf11222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9071029697740471&output=html&h=280&slotname=8496643944&adk=1089622144&adf=1413067584&pi=t.ma~as.8496643944&w=350&fwrn=4&fwrnh=100&lmt=1703113590&rafmt=1&format=350x280&url=https%3A%2F%2Fkawaiiface.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703113590638&bpp=2&bdt=255&idt=308&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=145909187997&frm=20&pv=1&ga_vid=1878438949.1703113591&ga_sid=1703113591&ga_hid=1465965668&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079437%2C31079758%2C31079980%2C31080103%2C95320885&oid=2&pvsid=1913112893402809&tmod=407929610&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DA1B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CzvSKdnODZZG8PPPR1PIPud65ONS7qNB0tOmj2MwS2dkeEAEgp6GhI2CVgoCAtAegAa_K-MUDyAEJqQIVJuyYnmSyPqgDAcgDywSqBMUBT9CB97J7jFJJbXjOR0aWxhbHCxJQfgxeZJx8Ds7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226525550239376961590%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259...

0
0

80ms
48ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226525550239376961590%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951985455%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221512243203161672049%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6525550239376961590","debug_reporting":true,"destination":"https://mey.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951985455"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"1512243203161672049"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 23:06:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 23:06:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6525550239376961590","debug_reporting":true,"destination":"https://mey.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951985455"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"1512243203161672049"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 59A7 51 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 09:13:35 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 53B2 172 KB
61 KB 92ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 53B2 11 KB
4 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D53P3zMmozkOVyAyHN0tGmGikp9ocYMV2CPGLwfObTN_GJ3fhK4LNPNKV4ulATcwn_W_SzJG2-cZPIaNcIolUdDM3ERL7HdJqphli0lZeJMPhD-OSe90EPmZa2elbK0dBFdk-P95uUyFlBF-BOeqdzA_UPIZh3Ec_MOWZ5FnVmWCPskE7EFgA8_01mKHbFkRR9cYn7&cry=1&dbm_d=AKAmf-D6oauCyk5LWS_vHJrJT2ctqiKjdL6kFZjG2IFQUTYQCIrHPJCBNNaYgS1Y66F9B29OKFzwrEbIygZyXVKThCygvRb-p1zJvDRBXfmXXO3o3AGHZC0vM9qhLslyxjy4L4M-KvzYPd863C7e0z5nA8FcyBeA1tUa1p49V7Fb25ht81kWfIGzQMtc1obxZISVve1Qe4mETzJvgw_w4dwso9dK0yLRzel2zea8O0MJcm19iGg65gYycUXbq2MDfV3rSYxxNFBmIC_BpN6EBcVeNRPcMjUtXIEY12kdiBm_e0c-eG8ceJE_HVZKeXnFHgsQ_kwvXutyBMMnqmOH-9gwrVQnhDAawQWDn8iPXJVYcHk6F-5bBEqaTGHAQ18kWIPfrgJS5ICqu7XSezo5E1ZhpsE4rzvkbn1wcyVedz5_KdAIl-TbYKWPBC5uAmOew5H2OfZeosCPRWzELUkd0rnp1WpyvgMewqBk0Gkh17uUlljUd-LD3iWSZEsI-D6MNBk8WOLEzzVMRJf7a17db4GoDATeCfd3iPzrOmNY8PjkgqALfxRQ_NxzGv1PT3xgyPuhaFncUsjPUyO6-wPOXO1XGUpWHTR9uKXy_C-rI8UbsYoRD2ZPPVX7T9jDLCOHQ43T0QevBUQRH99Ar0hdSL0-A6Rrp8fft3hOp3xh1MfWiQqK-frrmK3upCTZMg9x7hG5i0OJ35jRTvFVvfEJ_EHyM7But4pnSIsne0V__OwFFi7z4gqoGVS0uoOzO-ZNRibvfO--Rn0X3KbyiuhduV9JcPMLbWI5jzLCXMdLfTkQEcWT-tW4kV4ogWxotDUlAV1pvMoaNIbVDU38vrQAg0uLb3m4-a7vQDp4t6xFvZk-MsvbedWn1bnp2maBd9szaGgKZUyPUfMXX_nJVRVuLvJVOI6-EpJxcy1JmMrb7Er-uc9aUWvjYuAlCVzTESWC_Es7M4AHbabhSgNW8QGWYVOUGcavpe9UirLFS9nPczJMCL75GCaqnj4-0Sul8MBQwL6XhPYF--bgtY3oVBpE6HK7YY8Cy4iBNBJOBU1bP6ofjRHEzUaXok80No2rPGJGlG5IQRs84yBX0BPjlxZxeGWY7TTHBcfbrKP4rRip-MXVhzr6b0c2QNzuCEJ_ln2i0OkHlticbjAIVRDDuKd4QkizCuunBRVhHGgY2REFkBGiFMkCSZmQSLksCWfID0QlgX01nwGFd14FdzRrm-U41pyLFzMdHppio2U_t81sMcR_5Kdcj9b_vKdMeaU7pfksboAgeYtTZchGPhRnWOCdCM1usKj_xJJ71Qg6B58ge8m4ymDI-lwmo3vmTrZkykakMhp5OTqXzkijqJ8z8sN64A6ra3U0eVAHxRHYdIWDqqeFaVQneig7bu-sP0lB9UknFsfaFw4o6g6yNQmWnv3bDjElVcjRS7nWpvYhwSDXQHGsmlVupm1-RBdYLrucxa39tJNliN291VxP52RGBNd6GcZVOaGYxIbX9Jzbz6eYZaIvnwA-cZbnxSIisbMLE7IjEXjAZZYoaYaykOppLJ0CLbZvd-fHpJDA62SnnfY0MZOzdL9oTXgZRHMZcbY9io4rmc_K_QT9ku7vF0s4LUbHEgoUEyp95bRRityWt0L4addOAaipj8p7bBthWF-G21w1FJkR698gx93FPdSaCoTbiNeXZ69Shqik86Xt3DJhIDfXNm03GGSmtve1Wqn8xD1YXBzzFFBryvllOBJ_nBJHZ7g_ihGq1V--iVDQm1cl7Wzb_uNwCUM1ncijbko8o3kSJ8n-RElBKAmZYGpRBvSOjAvcEemZ7rep-2lW8fL3f8db1emvDMwdM_7w958UPI9lBUN81BjyTKrUOZ2aZcrR86A91CUDMUo8asT_zBRSJ5ZV0kGsRwe8HZHZTRiovxNTXOZJMaIZ9V2qRyUkKzvrQ-84KS1o1ekqLgMmT4LqLbRqVmYctGNvgcY6a61Js425lrZtGaYnKLcNvbweKwLLwqXOIOEYWZLCCNgRArIHngtdaFRPRV22TU0NdH7DgZaY5WuyImlVJ_dv8wvQ-OlXcYVogEobaUrbP39wyzHJ4fT9QapdhNB2fAb1ZEnG42sBTiNNPAbvpEnqheMxH-EKZx-S4bvq6ITHFH2uiy3DmMPyrMX8tjCp9OvnNok_b__l1yHdmqzMulPEw5et0d3SoRCXw1TYkP2PBl6q0TFMPnCeh-ATqzJvR0BjOyHH_Ck7gwuSVE1qS7cchHn1jSQUb0sMqhTZEXkrCphvEV2bmQslBzPSqaTABoile4u_xb6M6-XD8E_jXBctLrKDIf2Ahoc2VGbb_JuLsp0HXhIA6Ih8G7wSl2a6TuLpVIKjD7eFwS6FX-0wg4uDU8_xJTH_IqWuAXSdlKLT6RREb_6OoLRNnPuZHsfjuIglNaQ-JwVcQkCDoZAFj5mBqRYHv0LCieMW92osZDt4gC395IU9wFJjB2k4DQa4I1XFl3BdFAcc0IcFCYSmyp-UqFEL8Uk7r_ZAQlYyy79dgvo8-hN8FrVG2xanyM3R1BTSZKSSd_2JwThjo0QNdLM3pc3P6iS8ThlOgPUbh-jjBucwbdjLRa4y7ClCtvzdTfci0JvrigUNJiZt0L48Kw03G7rC16uCnm5DVl0exbd8VqgKDp04-eJrv-VLauNGgD6zlgyYptBL6zlHT3Ilr2YzUybeeTPiR3owbCFyFKhIgxf0ADDYPzg8Y_qKxg6PkdYZ2XBv2G5MDATyFcnlNldlGarD0CVvsLDYoRo70-Ku4ps-Hs_ZZ8FNeRJ-bTK161lr2DbRSO_-VjlyIrMwB9hFJExKMnD03XPn6Tm_YsBDbVxaI_HrWmYRVsiy2ASbi-3wvJawU9z-2ymmLdSTn_LiU5N3gtsm-03a04G41nk2ovOMjDNi0wcghk9vDO4yTf6cUsm9Rp2e32B7yp5MFddJnS0dWeMVzZ9uLsxGdXslVAoZlMd5BYn-uF-guQM0F8OrSlVQ592A8wnlxnaE6ZcSbrib5xV8x22lLriv7XJtrjenxlHj29hp2VnFY9BumTYKfX9Rpv2DMlhA8iU_YAdtnNEgD_D88Ee0LZU2Ic3EITAhmiWla0Fr4hsC7ZXbNbotIefWJMyaxAM2WnF3mqDrZu34UCfXfKO0hdFK-VbJ1ZgKSeaNB4xXLxmW-IcvfYsDbWERInuxDJuV1zn7LCEghy2G4LaW1LvCRNU87dbccPesf5BC-pPNomZ2B4qIArt9-a5jzFxCY_IOkf699E6Jy8TsUCQVH1qUvwgbWBNRcKSQ0PeM5FsZaF9B62b1bnk7VTw1PesYIZyohSln-oTX1l5tzyw93rInTRQm-wM4lyNTIO34k_qORIL8UPXe4gVVqfBKKUCfXwAY2UutPSxsBci9z0cbS-oowMAbUS81lz5TFQJWO_NiUv1QGGed3BEJVzjR-ZxaFbFsTkGtst36JUmq0rwnN-ur70MTpyJRFKoTYi76QAAqucgB6m2A50NGIYuBabEXby7p6UcGO0tYiIEfaLgp0DkRmSatqErB0iCWUQbDHOxV5mPfRC1yc5jvBBtbzxPrxAJBTfjnvUI6KoDxOI7i0xev-TG-ceCJaxiiaBylGTpk8bYyvfj9SVlmKyHI_OvAE2NWoBSf0aLkOjgaqKzoZ-UAdeA5M0RhBoVS3x3eDygIctFJFzVl_PF2jOIJVHPsVAzFRuaRRC6l-z572DR-off2yWwj0J_Tu0yCheFs3J0xcsjDHUBLuI1huziedwVOdftI-dDW02_snR1mIy6P6YrLIE1yqRMUGuskCupvDUjyPRoFuYy4_UEwwOx7UEGhJ8jrccG6k4gWicb5XHT_6PEzKYu9CC-0xwdIsqIQ96eC-G_PxYxLaDw2erjoU_W3pHoPJ4OiBX1dnCbweHHfltV5abGJtVSkH-fI6SLbjkFqfnfM0OUorp_YlbNtOYWP_O37eCF4RMDbSsu0CF-_BLt1WgP5luzSixudHWaX6eNcN6UfxL0RtmcwukIUURxUZqW0r-1vSn6zooLq6bCq4IkfCa4Ju8R_3U-dxIW00h7Aq9wQ1yfFBMNG-dGX-nFWo6cSiniG5yUgywVzqVPeiOW0lxwJLoQa8umPDXCGFsPgs5mLfplqymOvE1lumLCCjUt66zTtcQsPFic3d9Y82RmLJ88iNy5AZA&cid=CAQSTwAvHhf_nigH4lKQLD-VfKDneLWvzzjEY2DW_gr5NIbj7N8A15d9byiGtY7wpQ37pKkdWaMhBSd6Kw9uUTGjLlHTzmSeHpQsHH1_fNgXKsgYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkawaiiface.net%2F&ds=l&xdt=1&iif=1&cor=16226733627556910000&adk=497053792&idt=104&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 23:43:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 53B2 31 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 53B2 41 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame 53B2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13641338242a3bcf317ee280ac945fa92c3c2f9be24bf3efe975aa545965a80d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EA26 172 KB
60 KB 64ms
29ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame EA26 11 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AoxAZhaczBcmSW5m9RG_CX1mxKCf6JHjl7l6Opb5FJlb0dGqf53SaFBZ3TiFvYyUcd2mxma4LVUXo6Kfp5eACP1sy4S9hKErMhx4w7NkOTHlrMUCSdUvEBLBdX8-cCMTmNoLwchvhJ_7h-cUvha1G7de7L-ohudQyFKAY-NXORs5vcOiyY3BCw5HpztmWxkGlj87xI&cry=1&dbm_d=AKAmf-CyNFA3jMJ_Of4g04c3Qd2DMqwyKY4FADWMxx-jDJ4i6SbKreVWTnFMNhko3FqvCry2lJG4Cn2OSYwFu2sLpMecQmdW3o2-fUTK9p91ffE6KdTHZF0_jXbad1y1Y_quvaN6Lrj9kRMSx8UDjL3gaXAbue3yZzIMi8DrSmoUQkwqQhfclIR2TkqlFg1_rHaHioobh6Nto6l5l2VBJ2H8U4M9SCp5XZ43OvplqXtbAc5-5m44DfSfqHA3CYYyD1s_m95NrSvePK5OM2V1ajusKeYUP6wpN7VD51x3R7mOJ3NpI96YERHyxlBi0nMEcRhA1HaAYmO1HwAXn9sylmrJGbXhoPKFEonAhLNU1n2-7DSJpZUMjNeXlHkx3Cpedj38s0Xvi5qD0UQ2gjS5sPAmlS-SzWopnO0OgMo6gnQH7xT3i_mF5DSM55fewq7zJr5K0T_b9mB62l9HTqMKe7pfsWm1dWONCYZ7zNGDHjSzKl3EM_jlN_5YACUlocIUaIXdpWBgs0u4fis3NU8ekq2MAaoEM2dH8RVPQ5QqDSySupB3jfyxNGkzjUsFzvOz9flavvr_TBL2Y2N2GMsMQr1oTmJmR1VXCnJom41S1r6lbkoDzVVmnZcmlRg9YwGMh2YSxMQTZL81XZ5kaX-pKMA6I5v4_cmp8DlgcCVOAPP3IWZ8pwOEwqPuuOUzMiDjQ5p4VnWWPjQJEv0fZNh707Jsk55BrATxc4kBTAS8TQVPENZ-LEmtdKTUvZfza57wDEcHMhHViQotABPbdNs60hw5fGUjpBFFIr_XYY3Iw0j1hxoA6NsRz0jOX222O8Os4rrRYNwjf_msiCQGpThZK_bHgU7-UfM2wxmvqXTQZOJhQuItiPvXhC6n5-mCFi38c-8Sof6locLOF2M-hPZhsta7MI4N1odqXdOAgXp5Fzw4RvWqmHYlpyfQWtuS4V-m5R0eMOX0DmiXordVuTHZkyU4dXvBuNB1EHMrD4ImAywuhChFTMdRdhWYdhAzbjuREA22JycwwrGqvFmDKcAgNvb6n32N9oXAn7SEJ8BfMZHDIqPXEXlu7sCrdROtfnQE4MPIVSW_zJ2g77TKvDrnlEPr5mLP5iBmlNE8iK1CDRI8Na8AeXAR4LnZSpkrwHMIDM9eSGft3kUowgi5sBU2f7pivP5tpkVAFR7S5MghPH4hyHDs9gDIK_xTaefpbnG04dEgQUhLDWlU9GAxzZIhWXnNysmlNlrjV-YCIyHL4lP5Qk6G5nGLiSI-ze7V-dB9ICrttFrSldN-it2gCZ7cYeFIe-A1y-P9ZwWYnXkflLNVao5bf0rRvIDwbf33uo3eIQFJoWt0R6P4hB4qCLlBshBLeMUY5SI0cdgt8Iuy1lHlN1fuQmQ-YX5NbIw5tCwSG8gIh5JwU4tSIKppXpvQ_iHXKGFYZJJejdNo-cnRBAuo4CIZp-znW7XFENc3qYMP18WGqgekRU6tHf2feNEXMemWHHqRiAqzNQZT4Uhl9jLrwJdgWBHP4wKteqq2loJTthobHhUJZbQlKl-4T5yaSj84DgeAJEB_V7Uedtrxh85WZF7FT3qDCObSPL6LifjnTC5I7mc5wIsJRuHqTLDDB9joD_TrfX_Bra3GNlRZvJIJvyC9xVD9aRdjOr6Kl8MmeMAVbJgRFCMD-tRHsHkva_BYOXeRiiysc8Ke129JuwZSsuY1GfpUyguBrVysBQ7qVyPqh8ENht0n3uSeTB9aAZMluEztOoZ1H2Glt-ZcbDsVGaU66iRJ8_74YTUOhz9xqo9W2WaEXJR-fpzGOleIpN9tLgYicu3Eop-qzgTncYePQWI6q0z0RK4xpLBv9GCYKdqeeJZidyutApBsz-NF2zIXCHmUfk5ILS2nb7Z-kkp_tMvuFhpZaSS1AHQKUYNKbQro5mSLV4rYCGz0e-Uk0ufOCCYFC2Srtr6--71LvN0mrRrns30hRShzAGZG_e90QNZ1NwRtltSrR2DuG9W936u8BeChE3w5ZgTtdc_6Kd6YzxVxOlyO_4Wjd8007y3FVIBFw_MzaXazJihw2Wa2BCDZ1AXt4PsnwqyPnUAma6lbcWufg38ZlMvDMVilIctefF9hN18nC3szDKbG6Uo5W0mOGsnt6JL2jOoUE0l1BaTgkGowX2FliGJlwCfMmFUKGLdk1JMOv4e7A0T4kRff07alEGoPdlH9BaIN4WP238ikanMfu7OppFQPbvfZhLuUhe-7_2HsAXKLG6NyHZV3WrlPV8YUzpUkg_VTiPCzTDGoLWUXlDvpitBKCLZAVO5GkN_0Yewa0UDsegS4jkQfZdhlrb5RMc_sT0EV_pm3U86VA7746ZTJwUvgJu_rqTYATH4-cnaEp_oqN4btBYkIaUOkLK2wCuyVmpvrQeuOt3U-oObIqIhCViShwJwhAtmltzIFREV9RelxRKEO7-l50sRvHTR9YpQ-CGykx1P2lsaeJyPgHc_QAd7vevRFLMCjWnKQJnFSuH9jSQCHhP4F8Nb7XHPAhixDV6uBG-D4M5lU2qTaETvlQMCdaufXrMzce23Who6YHJmuvd2gyR3VRRLniwlPDSGlL-CzjpK_ElhP3EPOn0DJrWZekZbyMhUhlR5c1nG-mJxjX3fJoMUznl2kW8XKDEYcE3B0ieIxXsbL5UKTWx9yCgtFkRAW1tOJ1QxIQLBJw8sq15aBBkmmILCLHDNoPUHx_FxQu3VwhvYjIg5Keb08kAU85BOVqUiQp7jszFuzdj-cNBUzkwD_4zb-vlLPInyCDZR9zMjaW8rcL_OiFBB0RXEMsReWflu5r_zxqqIMTKzDW0R_m_2PeF1mDf_hZ5A761WtE_AwthSjw9AalEKF2_AYK08AbWt1DH7KCGNobTIJ98ahO07E1873uiFiHT12ICbKVMNH6_16dgYo_OcinOPy8P8S2hWOn7_3qdzNTUpOm3g92hRerQO9FwgesSiZJDyeuds4V2YQa2lJWW47kso42ARRFYsZbQclwrobCARUPIQsPpkZ_pJGMfkTl_i8u7ScqGBzIyG4-GplHnIgDICyYQ87H300FUQORN6tBjtiH3VCDke1n5a-lqbjTtabavabePciGbUuxxkTq-hD9NLe8CQkoq2ulHx8MTDQuc9LHgwAPrtWiZkg0mFwe2_ahwv__Uib7Kp0ZAa26vHjtFj8GmnLADNQn48NOOZIXzxvmp0jSp-x6GY1EPVwzZJyBVsiXmZPziPTen7wj5vAOFX3Eq0epZqmYcSY9eMLV22fCe5RRkNwv1QKEOoA90asR_s3VGwKvyyd3cmgdcBNFl7jUfP0lMtT6qszjg3KwfkGzea0FG_6pcaPbU1NvOUPnhULt12cDA9N6CedoJeDJFZDrA7EoRe6j44Ns7sk46V2ZiecEpz43S_QN7mJZxL29EDgZRAXfkOcKBawUdqkNgeCbu6RIBtSnv0HeBVeqwA9tX_GUeeMqCmjN3Xm3uifr90NHPPWri9QtKD2xuIrVjGe_vtIpGs5o1Qilw5wDjbBzlBpEx7EP3S2f_abmujIUoyObsqU-QvxHNxZMji-HZZTmbZ_DVahJKVa8RcJJy4zrUDmqvWQwgvwwjtHumwf-yHfGi-ktv4INGkPuGyXZjw4uAJBM7nXAAS3pjDlNdNdFZIgXt2bVcCW-1wW8cq267NUFNJa4w0ya5hj9QQ_5UeV16yPHGl8KdR1rfotTrncKB---CrTFfRlgKXydu1AZobga-DsV2JXMmJkt5074mpkrFIrEft3K1ctzHgPmKDYTTcinOaigREd1nkfm7N1XmY9nPAFc11QdDFMW0n41o5vrgzeNPP2V0hUAd5kHeHoQk3QomYyKE5_Fn9hK4pAD7fKaCGT2bLXvQy8mDvpfRFqHMnOgcaA_lv5xbPCUGY452DrN3eeNvpZn3VScQlwDkhxcZ_O79pkI8L-HbL7ktnKyHbcjgF2nDQ7DwW0DWZSwNP-Z-p1iwegdHPhAo6qaA-0HQ_E6XWftMkLcvA2VGW2bYj5gq3mzEqscKT8Sj19IxSxvMRIF8eQMRvqtxUkuCipogwdPhmDt8d1eGNaPd4aiI0qVXD3iKVUbrRo9W26d4z6_jL0KBwp_bVe6nKzOIIZEY-xDALigFa9mNOe-foijBxdd-HlMB8-5AVETy8yoX34_LwVDKBF-8RvRTcXXyzluqCGxHVEPKj5y4fZs0k&cid=CAQSTwAvHhf_O3k3BSqq8TOOz_A9c6IDOjNGYrQPtXCjeryhxQl--vY4LmzWkDpmSkhOC_1I5k0yHIRH39hMlztXU0NSNKzrZldYv5JCos7AT0IYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkawaiiface.net%2F&ds=l&xdt=1&iif=1&cor=3481342732771152000&adk=2124396031&idt=116&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 23:43:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EA26 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EA26 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame EA26 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 900e2e2bbaa994ec773989d6ff315384f2623f7894724bb5ec71a3337f6ba089

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 114ms
49ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 23:06:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1913112893402809&bg=!EBOlE1zNAAY3kmNgF5I7ADQBe5WfOLxb0pFb74evjpeDNFqsK8VW8gihwiBMGnM-3M-wmN5HN6Y2Cit5PhT-hbH7iahEAgAAAEpSAAAAA2gBB5kC9poM6DYHep-hAp0mriiAIgnQwBCDtfhqOutAz9hZf8a8nilbXQogXQACS630yHS5qRY0X8_lcBZ_SE2NPO9hJwV9wL1loZN15Ua7zLjBvaWVKPElBc3Ftd1cpI6fdFbQkEGGTW9766XcJuPi0fhjHEoeGzdNOTkJFhUTWsJO605H0FdyDDjduFU_iCGOh8GaK9gu382zQFA0NSZH372mCw1sB6yynO9dgj8z7tTxxGop9jigaQcw7bRhF_Qah0o_lw0HTcVyK0HqIgVzJhYr3aOIiG38NcIqx8F0ylwi1vvd7ah045VM_NX7JTlZ5ZlSvod2ZjSenmGU3k2x7g_czlmxjihUrjJFsSpEDao31aCcQnnhaUbmmGjkZT4GOHuHycs8Ssj9-kE9zh_RqdrZvgCneN4fgxjpXWrffufRnF2S7s1Arn-rqsRE6C_DFQ-LiIyJFwneagG9OUJ3_F62Cvrb-vmY0O73GTK2iXGVxiUGyQWffabRWL9_CJR9Yy0QAznHrezCrcZtVZBf4mg9riHgJyNv1zAlkN-CFPfkE9wede5Pc4k8JtqmZs6Gb2ZwdfNRZvTTJJxr_XuoZ6phtNKd1NbWm_HS0m7Nbzgb9jPojOfSwcN_-QzDcZ3IIQvbj52Y-MQaffXtu17NEpsqUthjZMmC5n5I181bZub3MTDPnzHvpIO17LDNrSLtHeQOBn6_sqGHp3XZXpcHelYeCi1lj0yFK00oxm9n9BUeL0_nc1yv1JgDYoECpXPFZdB6giTPb9tD-UcZQEUO8MHHN2o-gvg4Jvk_zX8zf_4pEekMM11rY2UkEZOOgOAgmYsCBx_EDH6s53teIVLu8NyhQjnvOfibpnuSaJKr6Fe4zViwM0raWy0gePTnm93IwVNegw7yTE1pyKwEzPy4oNgg4-xdumvfIDnCQ8anjadv5sxLZd7ttn_MZjawE4gzy0N-V5_W80QnT1bXP6mlNuNMtqTKezYbGx50-8-2ofGXPrF4l-srGr7G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87d0b191025e04cbe984a0f320c47c564c63f22ea31bae5e36726a71208bf653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kawaiiface.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56014
x-xss-protection: 0
server: cafe
etag: 9451194502426591239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:31 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4882 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 136384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2310975328338901356/ Frame 4D9F 73 KB
20 KB 55ms
26ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=Ha7rmhzups&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0471ff99a51884b733f267d4ee37fd1d95aa3438342fc0b635e64b99a877b916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Thu, 19 Dec 2024 23:06:31 GMT
last-modified: Wed, 25 Oct 2023 14:09:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 53B2 0
0 126ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7ou17qD1-ECx7RgcHDZv6ZFaSyROFn5dqRFCsteeP5XlA3qeAkHmMQVFSE8k51f8iAoWUsRAhp07yHvN-qPMOXKMd0SW9gHfPfRAa3trkeoto1HzYgKRrPJbQcb0SxoZI0mpGd_CpH4AJ3-0xHxBywafxOhf9nKz1Y-MTaHCLAyGEA2i5-UjgOkMnMblnpwmGk7rLEwZbn9w4ecqIXXrAJaHZltnEnwtCQH5AzuCo8QRDYwJENEtI6qdb5tcU4t6L69hRscvRBvLySkYjzYhtpDV-6Kre1D2pLXQeWaNbEChTuQ2TK1mcAi3kY9LNIFHlyHCoWV0wv_2vnXGjyzJ6BU_6HCdFNztnmRzODTx0H9nUhxk9tfF-z53JQDCY7bWVqb3joEb6aUTABfZQ1-o5vAw8MPCLsdCHa9WH16VNM4rREcblSX-F4Q4MHFzaespO8BV2x-Nzj8GFYVYMDGP83l5-ILOycuj0ArsBWx_OuU8m5NtgiPzOd9-URXLqkmQXPbv9Nz-_3XS9vUmx3LIkFnU7PpRISVltgjebh8CvrTVgm-RY4_ndaUL45ebIyU9ycGEPtT2Qu6h2pzMjUC0AUAfWlaptAsflQ4G8lfdrAGUhvkvi7Dd9Al1q-4n0YWFeQ6Z2_h9V2h8ZYicmIoaL4haxiXyGf9cL-rzNPaOI4zbF2yklEDO-4y1jPtFJd0w-XLZVel6dBN90i19L2up3XJhWmzg1JTru10HiqgRDjR-liQFwaKKIkO221LZs3Ef14gwRwp0PSClCGwbt8cVNYSgGmdgZ51H7NYToLpJPPwiMV-rUuTWBG7xfX6btSBjFiOzPBfnVNDEFR-a0f0mb8p8S2tA4jX9OikhDUcWwryz_UoMUhUThFjcXrL-XSu68ZdYiI2DJlva171k_crBRMuYAmG-D2TwSdr1hgDiSfQ7zOT5AjTc0xv6wFhDlBXYKG8Y2jfUa6a63YBwtirFvun5M5hWostpPElo-f7XeYpxIXHGOw-3usw9iMzwPtj9FQ3ai2iaF_vdlWQrRhyvtKK1pDoVWTazjyVOvuAuwLT9SsKwNtTUQEbdrm51swG4jWQMPZ33ETlL1MnwNbjwKApcE6MXv4GK1F0jaT8OCQoE1E8ZCGoV2vgKJnuO-7XuH_gSLkhz0LII52K9eEgtj7egzru9uB-_a22M7qDfyoeiRoQHIi9PvajrDklIwuqUbKLwsv_NW1512qWy_5Yrmw06WfEHgzBdJKWK07XXqGLHc2THMyWNxfN_eIXsd3dNIDa5ys2KaaJOSA6N6HyIBdIPKQ_kDlLq9&sai=AMfl-YTyilLRrhGNlv7VZRZvAAFxBCihrYsSr5sDVRwcfLQea4ZiVNLyhIfGSZCr27ncsLi3_cChJA8uXAYBEsyhW-NAmC2ih7qrIsaBjp9lI_BLNaFL22eyecCyUg5cNhKrqRUjbsCgY3tkbCCIbjt9afkjd0Ik-hhNaujFdS_DwF0nXkNwTgmnKW2ITqVxRp1Gm4x9sLG6GDHnlnVx-LYPmPp4rEUTHQ5dkutSvDihDdoN16I0NC0rGfDiV4EF7SW_BJGwh_pzPCSO6b-zx8_2Z3TKVWmq4Eeu_wfEWd0Nig&sig=Cg0ArKJSzPyhoV1f3tHuEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=224&cbvp=1&cstd=214&cisv=r20231207.89052&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 20B0 38 KB
13 KB 15ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 136384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2310975328338901356/ Frame E62B 73 KB
20 KB 29ms
22ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=mKiFaXOLk9&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0471ff99a51884b733f267d4ee37fd1d95aa3438342fc0b635e64b99a877b916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:31 GMT
expires: Thu, 19 Dec 2024 23:06:31 GMT
last-modified: Wed, 25 Oct 2023 14:09:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA26 0
0 105ms
62ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5zqI94RNgqmbyZpnrTs4ac0XuKhCoSCCdIe1u4Jz0nIrrjhSXY80iHixM6jIOBCM14Z6rkz1ndkFKaHIW1LUuaXnkpR5qF-5PfT0llovO6Q_H5g2SKB-3yA4bIfyJvVjff2owDr-VqObXjiK1xVHmpAuXOF72YQ99_e-sjv9uAQfaHyCNV0VjK0lG1iBppLbanRl3cu6GKX6GgBj3xwK7DLqRD6-AEcaUqp6RlJtrseePLXKPkpPd2-14Uw4_kaSkeYxsDL37zZCZ1kLElEMWqmijphlZ4CXzvFkD35Yu-NGuYoS1ggoRWm3PEmDqDfSAKEEjwGpv_WTIxyWHoN6EpAFBAvo5iIILIgRZF_N8rzgDXYd15ihLaol0lHOWwQ7dcoPX01QaG1VQpjzOVIcG2elUaPTmogvfAc7yqry3GIRnCX7GMFBYR9MzIB9_zSmribRutU1ecT4iIDTtkeTuFsQ7ZmdB2IeBXu92W3hs72jO9m8pD0VvVrIrcBzNFOApBb4xcMtycIWcvj7AvcmNJXELPnj47OQvi6dWXiA5QlAtzcAyspaap2369yizsS50qjlEZQC5DToo8jgtzttpYELIyFaxBQhOc_JHBiBY0-zsxPhZEoR5vo0ITNvYOraXxnohY7uk14cHl7m_AzbuOxD2SsIgLWc4jZOBw3aRNxdMRZs43Lps9lFPthCPR95gdF1ePuG5ULy7TcQn8Zc0iOEzSnm1Fr1j2uRYTHoq5llgCM8Q3O3g2uuRiTgyBTioZMivLMAACFQ-QXymdmZRdm5bvpQh0KqbrJ4_8Nqn24f8cKFqQORhmkze58j1PT72nhhpsHeYy-B6kznyXQ9FYAfawaLxJyu8a63W5w0QNH_ojTF__thIE80ze0tmXeFElARJ0cBiUAS6fRooacat4TrnLdsdEzapjnZKAcDAHb28gQ-ph7fjGQHZKNWUBsnOBLlZc-IYW686zrd5ZZc9SAGno9b3kOB2PbsnykWQ9eYhGQpKrS3rZvHvy8wttQTuReSlmh5DBXrv0c2l4sMG0Ql9AN7VTRNjsrzcBAuPZqJwwNdyl4b-mcJD7RuaaQhQF_dd3ORGiqf74OD7CGnYMwlH3NtmYZ79oYAKGV1auNzgaOJ00HLNiVBfe7kwd6grwoB-4GW-7kysmqKsrysdtrEiC71lUw-qP0CVjorCYY4JmcV20ToxdEntLM3dHbbMC9xJwPQc_5N7yup7-VuNcwYd8GMWzP3CMZ7U6j6j_FBZ-bDy4YYPlsTlHFJwobBNufYZNwndbvG_jDXcMxpx3Qp9_y3N4j7GKpeyQZh9pMkuEb5uKGBA3QMujg&sai=AMfl-YTwDJOECv9F3yOlYBeFbFpO-0Nn5ZIKgrBYro1alq5St0weR9ErXqtcuMGaEGhrMWaiYNzUe8lKeYMl9BjMTCUwldIhNu8spnQGdW6_dUkacwpfnw-Hv8x4tapS6Xbzr4-MOwO_YHDqlI4ZZYgsewtH6a6Ahc9P4AYZbcrZOxtnnh5-FfXfO3WTYioWgp5vxA0WtajPiLzEBcsrI-fYRkIqStj08LDyH_aas-B0EhBvAnDAmD3RofZkhKGe0x4yi7dAHIq-KuEeygAZMx8P1gXSpJTLnO40eK-RSrZUDw&sig=Cg0ArKJSzBJjlqS8YPH8EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=201&cbvp=1&cstd=194&cisv=r20231207.09883&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4882 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8ACD 9 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 4B61 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kawaiiface.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 20B0 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame E62B 120 KB
41 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=mKiFaXOLk9&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=mKiFaXOLk9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 12:23:29 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 4D9F 120 KB
41 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=Ha7rmhzups&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=Ha7rmhzups&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 12:23:29 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8ACD 4 KB
767 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 23:00:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 23:06:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8ACD 205 B
520 B 18ms
17ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 14:24:49 GMT
x-content-type-options: nosniff
age: 117703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 14:24:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8ACD 604 B
696 B 18ms
17ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:42:53 GMT
x-content-type-options: nosniff
age: 109419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 18 Dec 2024 16:42:53 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8ACD 16 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8ACD 22 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 02:16:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4B61 4 KB
728 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 22:15:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 23:06:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4B61 2 KB
822 B 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4B61 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4B61 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4B61 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B61 203 KB
64 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:32 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4B61 37 KB
15 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 09:13:33 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/5595490455325292275/ Frame 4B61 43 KB
43 KB 18ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5595490455325292275/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5113d797f036e7bc2485884e58223f9a711bc49266316b271227f65e54c3bff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 10:23:55 GMT
date: Mon, 18 Dec 2023 10:23:55 GMT
x-content-type-options: nosniff
age: 218557
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43658
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 14:59:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5810142944152785512/ Frame 4B61 2 KB
2 KB 23ms
21ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5810142944152785512/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd4dc4f92441144c9d238555167d3488e4dc91094385629265a3436e72c80f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:01:58 GMT
date: Tue, 19 Dec 2023 09:01:58 GMT
x-content-type-options: nosniff
age: 137074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2323
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 13:49:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EA26 0
0 56ms
55ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5zqI94RNgqmbyZpnrTs4ac0XuKhCoSCCdIe1u4Jz0nIrrjhSXY80iHixM6jIOBCM14Z6rkz1ndkFKaHIW1LUuaXnkpR5qF-5PfT0llovO6Q_H5g2SKB-3yA4bIfyJvVjff2owDr-VqObXjiK1xVHmpAuXOF72YQ99_e-sjv9uAQfaHyCNV0VjK0lG1iBppLbanRl3cu6GKX6GgBj3xwK7DLqRD6-AEcaUqp6RlJtrseePLXKPkpPd2-14Uw4_kaSkeYxsDL37zZCZ1kLElEMWqmijphlZ4CXzvFkD35Yu-NGuYoS1ggoRWm3PEmDqDfSAKEEjwGpv_WTIxyWHoN6EpAFBAvo5iIILIgRZF_N8rzgDXYd15ihLaol0lHOWwQ7dcoPX01QaG1VQpjzOVIcG2elUaPTmogvfAc7yqry3GIRnCX7GMFBYR9MzIB9_zSmribRutU1ecT4iIDTtkeTuFsQ7ZmdB2IeBXu92W3hs72jO9m8pD0VvVrIrcBzNFOApBb4xcMtycIWcvj7AvcmNJXELPnj47OQvi6dWXiA5QlAtzcAyspaap2369yizsS50qjlEZQC5DToo8jgtzttpYELIyFaxBQhOc_JHBiBY0-zsxPhZEoR5vo0ITNvYOraXxnohY7uk14cHl7m_AzbuOxD2SsIgLWc4jZOBw3aRNxdMRZs43Lps9lFPthCPR95gdF1ePuG5ULy7TcQn8Zc0iOEzSnm1Fr1j2uRYTHoq5llgCM8Q3O3g2uuRiTgyBTioZMivLMAACFQ-QXymdmZRdm5bvpQh0KqbrJ4_8Nqn24f8cKFqQORhmkze58j1PT72nhhpsHeYy-B6kznyXQ9FYAfawaLxJyu8a63W5w0QNH_ojTF__thIE80ze0tmXeFElARJ0cBiUAS6fRooacat4TrnLdsdEzapjnZKAcDAHb28gQ-ph7fjGQHZKNWUBsnOBLlZc-IYW686zrd5ZZc9SAGno9b3kOB2PbsnykWQ9eYhGQpKrS3rZvHvy8wttQTuReSlmh5DBXrv0c2l4sMG0Ql9AN7VTRNjsrzcBAuPZqJwwNdyl4b-mcJD7RuaaQhQF_dd3ORGiqf74OD7CGnYMwlH3NtmYZ79oYAKGV1auNzgaOJ00HLNiVBfe7kwd6grwoB-4GW-7kysmqKsrysdtrEiC71lUw-qP0CVjorCYY4JmcV20ToxdEntLM3dHbbMC9xJwPQc_5N7yup7-VuNcwYd8GMWzP3CMZ7U6j6j_FBZ-bDy4YYPlsTlHFJwobBNufYZNwndbvG_jDXcMxpx3Qp9_y3N4j7GKpeyQZh9pMkuEb5uKGBA3QMujg&sai=AMfl-YTwDJOECv9F3yOlYBeFbFpO-0Nn5ZIKgrBYro1alq5St0weR9ErXqtcuMGaEGhrMWaiYNzUe8lKeYMl9BjMTCUwldIhNu8spnQGdW6_dUkacwpfnw-Hv8x4tapS6Xbzr4-MOwO_YHDqlI4ZZYgsewtH6a6Ahc9P4AYZbcrZOxtnnh5-FfXfO3WTYioWgp5vxA0WtajPiLzEBcsrI-fYRkIqStj08LDyH_aas-B0EhBvAnDAmD3RofZkhKGe0x4yi7dAHIq-KuEeygAZMx8P1gXSpJTLnO40eK-RSrZUDw&sig=Cg0ArKJSzBJjlqS8YPH8EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=406&vt=11&dtpt=205&dett=3&cstd=194&cisv=r20231207.09883&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 53B2 0
0 53ms
53ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7ou17qD1-ECx7RgcHDZv6ZFaSyROFn5dqRFCsteeP5XlA3qeAkHmMQVFSE8k51f8iAoWUsRAhp07yHvN-qPMOXKMd0SW9gHfPfRAa3trkeoto1HzYgKRrPJbQcb0SxoZI0mpGd_CpH4AJ3-0xHxBywafxOhf9nKz1Y-MTaHCLAyGEA2i5-UjgOkMnMblnpwmGk7rLEwZbn9w4ecqIXXrAJaHZltnEnwtCQH5AzuCo8QRDYwJENEtI6qdb5tcU4t6L69hRscvRBvLySkYjzYhtpDV-6Kre1D2pLXQeWaNbEChTuQ2TK1mcAi3kY9LNIFHlyHCoWV0wv_2vnXGjyzJ6BU_6HCdFNztnmRzODTx0H9nUhxk9tfF-z53JQDCY7bWVqb3joEb6aUTABfZQ1-o5vAw8MPCLsdCHa9WH16VNM4rREcblSX-F4Q4MHFzaespO8BV2x-Nzj8GFYVYMDGP83l5-ILOycuj0ArsBWx_OuU8m5NtgiPzOd9-URXLqkmQXPbv9Nz-_3XS9vUmx3LIkFnU7PpRISVltgjebh8CvrTVgm-RY4_ndaUL45ebIyU9ycGEPtT2Qu6h2pzMjUC0AUAfWlaptAsflQ4G8lfdrAGUhvkvi7Dd9Al1q-4n0YWFeQ6Z2_h9V2h8ZYicmIoaL4haxiXyGf9cL-rzNPaOI4zbF2yklEDO-4y1jPtFJd0w-XLZVel6dBN90i19L2up3XJhWmzg1JTru10HiqgRDjR-liQFwaKKIkO221LZs3Ef14gwRwp0PSClCGwbt8cVNYSgGmdgZ51H7NYToLpJPPwiMV-rUuTWBG7xfX6btSBjFiOzPBfnVNDEFR-a0f0mb8p8S2tA4jX9OikhDUcWwryz_UoMUhUThFjcXrL-XSu68ZdYiI2DJlva171k_crBRMuYAmG-D2TwSdr1hgDiSfQ7zOT5AjTc0xv6wFhDlBXYKG8Y2jfUa6a63YBwtirFvun5M5hWostpPElo-f7XeYpxIXHGOw-3usw9iMzwPtj9FQ3ai2iaF_vdlWQrRhyvtKK1pDoVWTazjyVOvuAuwLT9SsKwNtTUQEbdrm51swG4jWQMPZ33ETlL1MnwNbjwKApcE6MXv4GK1F0jaT8OCQoE1E8ZCGoV2vgKJnuO-7XuH_gSLkhz0LII52K9eEgtj7egzru9uB-_a22M7qDfyoeiRoQHIi9PvajrDklIwuqUbKLwsv_NW1512qWy_5Yrmw06WfEHgzBdJKWK07XXqGLHc2THMyWNxfN_eIXsd3dNIDa5ys2KaaJOSA6N6HyIBdIPKQ_kDlLq9&sai=AMfl-YTyilLRrhGNlv7VZRZvAAFxBCihrYsSr5sDVRwcfLQea4ZiVNLyhIfGSZCr27ncsLi3_cChJA8uXAYBEsyhW-NAmC2ih7qrIsaBjp9lI_BLNaFL22eyecCyUg5cNhKrqRUjbsCgY3tkbCCIbjt9afkjd0Ik-hhNaujFdS_DwF0nXkNwTgmnKW2ITqVxRp1Gm4x9sLG6GDHnlnVx-LYPmPp4rEUTHQ5dkutSvDihDdoN16I0NC0rGfDiV4EF7SW_BJGwh_pzPCSO6b-zx8_2Z3TKVWmq4Eeu_wfEWd0Nig&sig=Cg0ArKJSzPyhoV1f3tHuEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=452&vt=11&dtpt=228&dett=3&cstd=214&cisv=r20231207.89052&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C78F 14 KB
1 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 22:12:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Dec 2023 23:06:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C78F 2 KB
822 B 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C78F 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9092 143 B
166 B 13ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 22:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C78F 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33888
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C78F 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C78F 203 KB
64 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Dec 2023 23:06:32 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame C78F 37 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 09:13:33 GMT

GET
DATA 200
OK truncated
/ Frame 4B61 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 710414ace5a7bee467bfe81760515ad8532934a383549fc84108e9dc695261a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E62B 7 KB
6 KB 55ms
54ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46fdbbf6e0258a15c40bdc47ed6cc29636127bfff4acb2c532f711ed0f9d835a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4B61 15 KB
16 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 455231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4B61 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 137543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:09 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame E62B 13 KB
5 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=mKiFaXOLk9&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 02:12:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4D9F 8 KB
6 KB 56ms
56ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0424c3453e5f2870ab2cd1f86bdbb5bb09c41495a719514901835e468ee7907e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5828
x-xss-protection: 0

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame E62B
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag...

396 KB
397 KB

388ms
217ms

Media
video/mp4

2a00:1450:400f:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/388810E1024699D08C4F1E2B2517E77C01E5EFF9.82795B25BD742CFAC369BB4F0C46343DE41F2EAE/key/cms1/cms_redirect/yes/mh/h2/mip/2a00:c98:2050:a007:2::12/mm/42/mn/sn-5goeenez/ms/onc/mt/1703113134/mv/u/mvi/3/pl/57/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400f:1::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

eb5a07602ce11460343b2ea1cc8ec2cb01825dad75267a7a84663c365ec2f156

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 23:06:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Oct 2023 14:09:55 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-406004/406005
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 406005
Expires: Wed, 20 Dec 2023 23:06:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/388810E1024699D08C4F1E2B2517E77C01E5EFF9.82795B25BD742CFAC369BB4F0C46343DE41F2EAE/key/cms1/cms_redirect/yes/mh/h2/mip/2a00:c98:2050:a007:2::12/mm/42/mn/sn-5goeenez/ms/onc/mt/1703113134/mv/u/mvi/3/pl/57/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4B61
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-YSSdnODZZf9Opnj7gPnjaywDrf4x9p0_8e2iccRw_r0_QgQASCnoaEjYJWCgIC0B6ABjsCk5wLIAQmpAhUm7JieZLI-qAMByAPLhICABKoExAFP0OnZeP28wZTwhRHFhSma1Tv9s1eHe9l...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224768238639786957315%22,%22debug_reporting%22:true,%22destination%22:%22https://signal-iduna.de%22,%22event_report_window%2...

0
0

50ms
49ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224768238639786957315%22,%22debug_reporting%22:true,%22destination%22:%22https://signal-iduna.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22753475598%22],%2222%22:[%22true%22],%224%22:[%2212-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222301987496413325761%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4768238639786957315","debug_reporting":true,"destination":"https://signal-iduna.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["753475598"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"2301987496413325761"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 20 Dec 2023 23:06:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4768238639786957315","debug_reporting":true,"destination":"https://signal-iduna.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["753475598"],"22":["true"],"4":["12-20"],"6":["true"]},"priority":"500","source_event_id":"2301987496413325761"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E62B 17 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 23:06:32 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame 4D9F 13 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2310975328338901356/index.html?e=69&leftOffset=0&topOffset=0&c=Ha7rmhzups&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 02:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 02:12:55 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5920 51 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 09:13:35 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag...

396 KB
397 KB

390ms
219ms

Media
video/mp4

2a00:1450:400f:1::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/774B26D5040593A1A0D8D5F5096769CF70C7B551.22AA48DB2A94B3A972892AFF4C4524815D266F90/key/cms1/cms_redirect/yes/mh/h2/mip/2a00:c98:2050:a007:2::12/mm/42/mn/sn-5goeenez/ms/onc/mt/1703113134/mv/u/mvi/3/pl/57/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400f:1::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

eb5a07602ce11460343b2ea1cc8ec2cb01825dad75267a7a84663c365ec2f156

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 20 Dec 2023 23:06:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Oct 2023 14:09:55 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-406004/406005
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 406005
Expires: Wed, 20 Dec 2023 23:06:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-5goeenez.c.2mdn.net/videoplayback/id/c4505f8c20934ed0/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734649591/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/774B26D5040593A1A0D8D5F5096769CF70C7B551.22AA48DB2A94B3A972892AFF4C4524815D266F90/key/cms1/cms_redirect/yes/mh/h2/mip/2a00:c98:2050:a007:2::12/mm/42/mn/sn-5goeenez/ms/onc/mt/1703113134/mv/u/mvi/3/pl/57/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4D9F 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 20 Dec 2023 23:06:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9092
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
23ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:32 GMT
expires: Wed, 20 Dec 2023 23:06:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 23:06:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
48ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 20 Dec 2023 23:06:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame A350 51 KB
19 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: kawaiiface.net
URL: https://kawaiiface.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 09:13:35 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E3F0 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4882 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BaG-qd3ODZZmXKP2n9u8P0dKgyAUAAAAAOAHgBAI&bg=!ICOlI2zNAAY3kmNgF5I7ADQBe5WfOJjTv4qxQ-IGj41s4gL8WMS1u4rrWlfoWdMkcJQO3ARKHkKEV3RIzgjmp5cpz2jOAgAAAWNSAAAAA2gBB5kDXNmQbH8e5OMz8EvSVqVjGkmdcwWBWuBXQTGDg1TyPV_7wZl-4GQNPlKm6hLQPLmn-qYa_bRzUSMGUVhIT-7wMZWr7nmywBWUIlnSzctXtoJ4iPrbYj3_ge9SQy4hjtwbRKZ8hmkTj_7lkEgpjcmYxI2GWRk-RR31puczVfWCMaeNVme6SKoB1zveDWSYwQPYBQNLpb1-4rt1iWWStMVxa1RkyXdg6ujmv0xWO2_jClPnzwq0MeFysuyo8c55cQuWdNWcexte0LdL5ABfImvtA0HtHeW1iHD9U6Ti663YTi5CVKMOQYqLyzRZQF3s1cViD6Xz_At6xuzPRlRI3JQE8DT1F-2hxaWdXn166q_Jsn5X5X0Zjc7eMEIE2bsPGONvcW2fjXFI2Ep960aNZn3IJTk_6XtXYoOSBd8oQCqgc40B9OMYuoT68Ch-HCoSxGTG5am8IKBSqfBTJyFA2Tq5wFh8WB0c6ujcqOkkaUl9otdv0W_YuVoGUDlQVpkpfy1tm0taYqX43wcrjn_PzaRG9DkaSo1ZceZeDOyZ1r0PtBwXGadYsoUJg-71SzFHFcQF6JHxnGDikh1XL9GQE8Cg1y-56mkl_YRPURcFiwbehX9LO7aGPcjp4RGKTH_s_j0SdZ4-BzZSPq3K4vZmHUidbT985eD03VmtVZQOLAK8Ro9vI2TMzUmpjDRNM26-DozIYkbKt6dP6C_0p2sPIBeYDTx7xJ8zxOzmIUF_noz0BlU6gzjGu9X7Fr4s5o1iFyna-4-f3qFD6AwKLS5vZcC0Qd9fy1GfAUj7fA2f9eRQJ9kj2eBzwcIqSjyDNLMt6eTtJSZ0fNEVyB9lUe-QPsjH35AbesXpBG3NWLPQIBuxkpsJ0abkoiQZhchRuau6giSQXslGjVRQGU2hNkcKzWJEEqGNWGiDAFnnz0CBGmHp5jDnqSoSKrayLgv_anl1B-yQ7ArvMS7nTcO6Y9bgj8rBXUsgy10cMTOHNaUrAyxQTS60EiXMfLo43MHD1R2MzvoBswkF-nLimX0OkD90jWwPpVr16f4OFEP3qeKR9vSBk6dlooU-kvNq7cnwcpAoCDiXBNv6YUgFnonQ3ahz3a7ZVLkXn5EP5NAAMLkHWtB5-U8ilulsBdCObXh26PkN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20B0 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOeE2d3ODZeHAKL-u7_UPgpq9wA4AAAAAOAHgBAI&bg=!KSqlKmXNAAY3kmNgF5I7ADQBe5WfONeJYrWoDcLJdRrEQpNyooiB323lUFRjOjT5VU-huX0QIQK_AAhmSq7F2o5FF2_TAgAAAVdSAAAAAmgBB5kDQbgYOOHnh4TCPMGlAbC2GtWM2QIdw4FJ7Op2TDWAg7S0aL1H9_ZF-7frkdzVJY_YrlqDX0jboujMx60GPvOTOHPCJvfZa-eWMxKQdkiJnE54RACFwJKV9qGpwpPy-kFh4IdqeAoS91ieD3-vYU_XXY_o0yQQYWkduCiSFN5RrcCzfoPhLeNDrcXLXVGm6A72xyjqq4CGrS1dW0RZFrjeNHAmLwZV62XQCVRBMNsZctIp_0olGsMsqdxjVsf8xM0Btl1G-XYWwEkT3maBwKf3If2xbKx335uZ5iUlT_Ja3f-tDCixpcr_y5c-JQJEtRjhOI8sXhoTaVw8bfygF4RZdLIW_OXypXRgpSX96OzNWz1QSmvd0z0t4djvUVz3G4Zms-zzajGYpSbDYsJNQ0PBdqb5V9T9quIYDh9y20Sef8ybGCmh28nVBi7WQ2uIktBV85ga1eFga7TAE5MNffADmbYwteq8DIOj2uToQ7c3PYbLLnLy2U6KfxTo22LLETR13KajwGXthrgNtXqavcUtTl17kPFFchmJeP8AAlSAP_GrFDbSbaOSsJVjriLE83uF1xcvS1WXDxvI2WmRATjc8msJADIlgrIsAe38KHDbgCR_2l4IW_o_I3KmJpGAQ2xHepZN_UqSCj3rEh_ocPy2zY5bTL3KVBv3iaNCsAwZFM5pjlyPXi1jMU6c5dPO2m0bnNlJFhYwiIbYadYVjgVMAizAYL_mLPEiuszWfA2wBgu7nzPJHswRoJLzoutwaSVgUhF4dd4iZRmD2cvDAjeqLlF2iJOSGXkPdLdkJvLVqT-k0KQc9tCM9eNa2k-49HNdhsDIv_6rh8EZ2PDq_WpIdPwaYu8nEQ2eNaiSfNY5DmAuspIBzVufhKwK0H8DbSnuRlzGUAKANEY92oQ0YrjG-KnrM2Pq2sHyDc58R4Z0FkrA3Fw5mDO4DJHGxH76QjV9jIdfbSSj5_7MuAsMsYlW7DGzXIoBeLryXiMkm_8mzosasYdt9yvzLcyCC_i5sexuVC9mVggKnCCx0s4stKt9whgM3l8YaqxVPph3F_GVBLnAkgp3PzMTdfbTKdBF1QQpgrXcXCsKeAsirdc-Gi-2XRDA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B9B 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DA1B 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlRxwOmWq7q3w2FVQQqc6MNjSkEKDce96K9AXSE-5KXi3fn0JVEYWraChdPUhzkE2BaLMqNbBHNee9yhcwgkJUmJRZ_-b10nghBAK8he94L2oqZazA2fGM_JzFHg7I1fXBEzfTechq4AtEK1wFTQXflnGR&sai=AMfl-YSkCmtF86KoEPeMsDiETPq2TJpzLRe5ueejiZmTCXP3w3SefoRZ3hpte5zCfveFu5ESw3yvifBh9esJM3GD2IQxk4x10MFopgVeHbGNZXidJWk-HgKbMw6BLzfDtXXgjp5ojBVApLyau1jzHdMK3Q&sig=Cg0ArKJSzFlhtL1je9XUEAE&cid=CAQSTwAvHhf_DD2VmPcdMDCGdOXfyaWjx1xeZbXM_XMEvmIVhgUVaomHkl59A5fAsaffFjfB5gB1eRKO84-5Ngf3KGzqBcFWZG_qdkseAvC2upgYAQ&id=lidar2&mcvt=1013&p=0,0,280,1200&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4220680257&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703113590966&rpt=734&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 53B2 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5Y4J8KltYEV13A-qNycM2NtnSQUMwt0sRW0x0MO5MpxyppaoLnOKfx2V8o0TU7WAm0mJMNz532R-dbI61xuZGmlEq_JzZxJk-x4un7yJNW_ukjaBDPvd-rdb8BeCJFIiX__XBB8YYwpRSY6GdsXwQYJVC&sai=AMfl-YTYCUg2paYS856BsM_YEIy0TWBsSwn9OCHPsDXwICulNOQdOqE8OS3Hnav3aKIqz3fbBCVRhjLYCforZzPV8ZOWqswNhn3b-qEZSsQsd9m1uCHO6bvlRLMM_o1MgEEnkH0l_QhL4TWfIQ8-kI8YWA&sig=Cg0ArKJSzK1hgLfsANodEAE&cid=CAQSTwAvHhf_nigH4lKQLD-VfKDneLWvzzjEY2DW_gr5NIbj7N8A15d9byiGtY7wpQ37pKkdWaMhBSd6Kw9uUTGjLlHTzmSeHpQsHH1_fNgXKsgYAQ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=468252783&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703113591436&rpt=314&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA26 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzmzxdpNahJgiWMrZMM_9kflkhpV464XCrDK-E7ygGwm35EQAhJKMt0ktX8lhm4p9ikLkuCmnkMfT1DvbaFHCeQJHa4WaWpHKHk-15QW4zT6ONv28ZNeOMV4D7AfBjyDq6TIDmHXmUl7fZ2AATyH7xTxWI&sai=AMfl-YSR0jOYpiQp0sXmr-Q9eONxtTNqf95apjEa06iKa1A6uP9hS5sVB0wsHC_KVmWNcb8zTTIDjWrYENonqfceyHseY6CsC0BB114J1DlGBNKcd-YGfNavDOoQH6v6tJ7VO8ouiuLDPt5WbK1P01H7cw&sig=Cg0ArKJSzIyJrLPIAI3hEAE&cid=CAQSTwAvHhf_O3k3BSqq8TOOz_A9c6IDOjNGYrQPtXCjeryhxQl--vY4LmzWkDpmSkhOC_1I5k0yHIRH39hMlztXU0NSNKzrZldYv5JCos7AT0IYAQ&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1089622144&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703113591471&rpt=327&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI2a6SxZCfgwMV_ZP9Bx1RKQhZEAAYACCtlu9gQhMIrZ3pxJCfgwMVREngCh0-vwnc;dc_eps=AHas8cCp7wWUVX6ddFBiFAxkH8EkAe6t7PVYUuzfkO7_waxj4i-qr7if3Hj3CwwEA-WPCfAvk1a-IwY;met=1;&timestamp=1703113592886;eid1...
ade.googlesyndication.com/ddm/activity/ Frame 53B2 42 B
401 B 104ms
51ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2a6SxZCfgwMV_ZP9Bx1RKQhZEAAYACCtlu9gQhMIrZ3pxJCfgwMVREngCh0-vwnc;dc_eps=AHas8cCp7wWUVX6ddFBiFAxkH8EkAe6t7PVYUuzfkO7_waxj4i-qr7if3Hj3CwwEA-WPCfAvk1a-IwY;met=1;&timestamp=1703113592886;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIodiSxZCfgwMVP9e7CB0CTQ_oEAAYACCtlu9gQhMIidzoxJCfgwMV8gFVCB1HSgdR;dc_eps=AHas8cAWlBz_QidADn_83i2xsWzdMUvhe_6ATP1wtOsbxyTnv_8J6D_q6qkfgvFVT1BD_ctfdhirMAI;met=1;&timestamp=1703113592901;eid1...
ade.googlesyndication.com/ddm/activity/ Frame EA26 42 B
107 B 90ms
52ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIodiSxZCfgwMVP9e7CB0CTQ_oEAAYACCtlu9gQhMIidzoxJCfgwMV8gFVCB1HSgdR;dc_eps=AHas8cAWlBz_QidADn_83i2xsWzdMUvhe_6ATP1wtOsbxyTnv_8J6D_q6qkfgvFVT1BD_ctfdhirMAI;met=1;&timestamp=1703113592901;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EA26 0
20 B 51ms
50ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4372937570194&version=m202309260101&ct=119&x=1&cor=3481342732771152000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 53B2 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6716118445158&version=m202309260101&ct=119&x=1&cor=16226733627556910000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B61 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT-ognYkvc9RMjC9yTW2_TJXnI3YMLlJX2RdPw6zH6jAfongpOhCY-Y5WnD0m7kpgS9mXjFYE4hqrR6803v-xYki2EHKW74OepIEwIsdk498u5hxLHzEZxpsdf8lQm_7YO4rUvyHfgwi3fRW5FB8811mdDpHXYToWS6Qeys97XiPYniTpejYDo6NHIPmT0YaKIUc0HyAihUNxkjUDhRKI48y30_EQbCtlwLVuaF5a8HnPa-Fbu2aTn1QMB8FHQIiMzK59WQE9SajYe53LFOMIED1D3h1gmWHjj2IwOVetzQ11ljue232FbznVduHhjt8FKo11NJJ4M83iRMyTyPbojvXIVfOQu8tv_YwAzw2z691dQPA0nTMSxu436P25PE9S7CJSmJfglLiXW60GghkJRpEFUvFg4OzhijwNTIB__mpDZtRe0Ywi8tWpQA4Lt6NImZDhWhGhHE4aoq2E1ASnIJFjdzod3Nsf-05GKYVbF2KyEazZom24l-J6DKc1c-iNBNG3NtBac9cz3VKnBREpRD7RjzQoO2gDDgrxEyPhTST2otkBLiaj2XU-ibxRkjOMu4yyWtaOLY3ROzVJdkvWgoZJ-5ICNfh8eZthWLmIEzA6EGURiPP5rCmJUqf5UJvg3r3GnSyj7S9Fo3ViHKJ5IuVWlhlyF9S42k3DHaZ6o4emVni-jaABSzpY2-WO9DA4ZwnT6FaEVRq3kmBb_B6bofj-z4EvKLPWqm8ZZ1_xmBKTi6tbdwOQczxHhEq7nH0AVrtoayNVhyurhZtrNsN21ZhVDjugVEX4Zg_aCBYsDrs6TUfwvujSBGc0ZR1LDgAE9MUTOqFK3f0Gp4SkbtwZj73-aOzrn1PVCycrdL0GedYHY2RkM4hLMG6mTiTKcjI95v4wG_Yk20H-FOevGTGWgJBDnylvWhewOBtwuvJ8BDvT7mrxQ_4cXsMTqlZsoB3XpsoT_0SiEjls5u-aJ4EY3JHlj14EZUHsIfMvsK3dKR1WBtmLhL-Y8f3PzIDWg4KCbuDZbHtGSQ0O3kDEneHsonvbeZN1BDAAqNXNWAn7LvKIfstZUEenE49J-M1VtGaQcRCPxdFCQUUkAHS-ArM9QvxgpzVQYA_wMh2jXwhs7xpoXGCyoq6-l3ya26dLTU9_3_pGlEhC8jMnQxWSr5yGhd-0W1Yj3n4zQN6jvkhcip_FHR1GcNMNbLgo&sai=AMfl-YQig3U5Moc3jQ3u0bWMyVKpzD9Cl0fE3L-yg70gNPpMDKrc1g-aJDXYEfINAQmu0eIpec80XtWuV59CFKTII9cy9AxdCO7ZJylFtKxuUe-ErIcl1AVAYlfms9VEBTC9-pEVNmoss3Daxct6115PV9t-Q33iSZs_fWUffQU&sig=Cg0ArKJSzPNrfy5dmoADEAE&cid=CAQSTwAvHhf_vdTl61SlG2noSsC0M4BXTdiODH6eaAqpDzeG_Bg9hNWBSAh07Yt-psr7qrGdr1lb7GvPCzFozMpLaOprEO5iKOANqaMjZ3gjqJAYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=125,820,1000,1081,1081&tos=125,695,180,81,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703113592006&rpt=366&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Dec 2023 23:06:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kawaiiface.net/	1970-01-21 02:26:49	Name: __gads Value: ID=47b0bb4cd99fb955:T=1703113590:RT=1703113590:S=ALNI_MZTe3VfVB5dwPZjKTFS_4YVzh47UA
.kawaiiface.net/	1970-01-21 02:26:49	Name: __gpi Value: UID=00000d243baded25:T=1703113590:RT=1703113590:S=ALNI_MZ6dZBy1Ca9F0karT5weu0LhLVlKQ
.doubleclick.net/	1970-01-21 02:26:49	Name: IDE Value: AHWqTUm8dlU-jOl-2LR3aP56DdjRbMnmhvXiuXAq2uFFd-UrIl-6YTVzFQfDDPpB
.casalemedia.com/	1970-01-21 01:50:49	Name: CMID Value: ZYNzd9bn4YBgUvI8344AKgAA
.casalemedia.com/	1970-01-20 19:14:49	Name: CMPS Value: 5209
.casalemedia.com/	1970-01-20 19:14:49	Name: CMPRO Value: 5209
.adnxs.com/	1970-01-20 19:14:49	Name: uuid2 Value: 1932535798244984966
.adnxs.com/	1970-01-20 19:14:49	Name: XANDR_PANID Value: 9xhXJlkn09SMEtFRk4QXz5FCim6zfSauIdtBX5_AZb-etTR7r3V5Fbsc2SW-_GQU5gX6A04K3YCXluOpO7IWnaa1CzBnyYIJvQaTVo_odho.
.adnxs.com/	1970-01-21 02:41:13	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 19:14:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In@r0K_V!]tbPl1M>e)ZlrFUfJ+tGXvWBXSI#<@h^L>:Voy:[Hj5MC_w38Oz!Jvbph:KbpRzqF1`ba<JLvl!
.doubleclick.net/	1970-01-20 21:24:25	Name: APC Value: AfxxVi6DaBhRB7BvTe06WexPVENLUbCRZPfy3lNya-jwcQkBqtPNdA
.doubleclick.net/	1970-01-20 17:05:14	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 19:14:49	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:05:17	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://emoji.kawaiiface.net/dbwlmbag.js?id=GTM-WMXH2H9 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
emoji.kawaiiface.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
kawaiiface.net
pagead2.googlesyndication.com
r3---sn-5goeenez.c.2mdn.net
s0.2mdn.net
static.cloudflareinsights.com
t.mindtake.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.198.8.50
142.250.184.226
142.250.185.98
142.250.186.98
172.64.151.101
185.89.210.46
2606:4700:3035::ac43:9a62
2606:4700:3037::6815:30a8
2606:4700::6810:3965
2a00:1450:4001:806::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400f:1::8
63.32.232.249
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
0424c3453e5f2870ab2cd1f86bdbb5bb09c41495a719514901835e468ee7907e
0471ff99a51884b733f267d4ee37fd1d95aa3438342fc0b635e64b99a877b916
05b339e5d3e3f996ddf2e5bf60d00bccba0db4aff9a1843f0aed838febd2dde9
08f976bb29d4335f15d4742772acce1860b5e03a2ba9d83909341058e704c572
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9ab35d945f73d2a3aa777486433c178ceff206a883499e57762e37610a4ae4
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
13641338242a3bcf317ee280ac945fa92c3c2f9be24bf3efe975aa545965a80d
17fb72713b443fa9c0f0cbc3915188376924f03acfb0cc8da88b6eff4b80c87e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c5d94e78d0ef3c760dd08693690cf798e2fcc115b9d2e1ce997adbe7a50d247
1de32368f3a8a421c236ba3adae8574471e368638558b3e690b42bdb3fae1bb5
1eb15cd5482cda6b6beba00836774d07338647cafe8ddc52da9304c9131fc464
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
284480e72817caa8140a455de1a753ff92085d05ec0c3e46fe0a2ccdda20742f
29d669804041c00f67b004492b54a6e63f713d69a4b8db0d0d602accd3f3ad9d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
385fc7633695226e8646fda0d754a0c3a818f70ead68917a6c9940985c161d74
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
40065ccff24c7e61e9a37f5cf2e986546b9e9cdbc0266a7ebbca11176011a148
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41ca602fd5a09fc9d901eae7f1fc7837609b435af5ece01d596b818d2e6b2f24
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43130dbcaf2c7630ccbb426e95fbf9deb211bab6527ae36f17cd1fa7d4f270ea
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4665897d24262102f74da3cd51341eab7682fc247c26b953d56c928ae2596763
46fdbbf6e0258a15c40bdc47ed6cc29636127bfff4acb2c532f711ed0f9d835a
48f479bebb230a527888047b4ed8441a06719008ffed1edf32613e496d0e659f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5113d797f036e7bc2485884e58223f9a711bc49266316b271227f65e54c3bff0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5be928b7ac0c65042803f2e0b4f8512bf3af08a7e8d274009a2a59c546ad18a9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67e0edcf638019072fcd1ef34140b84553d3daf3e8b158ebb45eca686b96419a
6dd4dc4f92441144c9d238555167d3488e4dc91094385629265a3436e72c80f5
6ec8fe3b1622b9acae28cab44d0ed08ca665408ac6835ea11e7e60977e67d933
710414ace5a7bee467bfe81760515ad8532934a383549fc84108e9dc695261a7
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
778a3e2cb9eaefbcb6ab18774e9b0e645cf560118aad705edf824dabbbd83757
789ebbff9f2fd250f712dac297c1f3342db57d6aa0dd8e514917c50b879a1b23
78aa433226a89fed81acef7f7af34ff1e8b85de259cb3e9a2554f226c9910c53
7c78fe8394790ed36c8d30caaeb8fa5bf5db3d152dda2a80039256cfcdf11222
8582db746e426d5b847aba222ae90b4a7605723b27c5126d673ab0d54116de47
87d0b191025e04cbe984a0f320c47c564c63f22ea31bae5e36726a71208bf653
8ca1932d9f3a83ad174371e5d45733483a35823fe065731f7c60c91e583544c7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
900e2e2bbaa994ec773989d6ff315384f2623f7894724bb5ec71a3337f6ba089
9708e4281c038660be5220074a607d5e7921b1e9edd5262a0c1ffe143d5bac49
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2cb0da268001c934c3d0a9cbdff6b40d52d12e5fe7524f257a6f612bed009ce
b4adac5edf4a16a5c9e143e81d0e5ea5cc063059f1f1c879536d00edc218e7b5
bdc1765e2b1b48df50283edf3f46dcfbe879fe3c18a70785646d293d15c279d6
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf35739e2e7cf01a6d790efff1bde923b96353b8280b2589d327d1c48690a38a
d12c9a6ed06cd2604aed69429477f3db70f1a9964c578038c612a20e57252a51
d1e5e4dcff7d7415badf0a03619960688cf6ae791e4a1d2e208a5a40a42ec0ca
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d819c0bc704a4ff73385b72bc752a7e8ee5795b52f60b2655fa795ddc5cf1aeb
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e14ecaed723b316d6d9cc6f0e9d81bc4183fe4d8e8465c1ce0da9a9ad3a5bb15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5a07602ce11460343b2ea1cc8ec2cb01825dad75267a7a84663c365ec2f156
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed58bb7bb8520520816a84f781c7a80e54ca19829b67984081530acbe891f2ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69591039556db35165093addc94fc0dae33171425b07831b20bd8d4d8b4c2dc
fd461fcc331a7fff33fba6b64c1c161775929aca2a55e230331950932b5b063e

kawaiiface.net Open in urlscan Pro 2606:4700:3035::ac43:9a62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

92 %HTTPS

67 %IPv6

13 Domains

21 Subdomains

20 IPs

3 Countries

2614 kBTransfer

5669 kBSize

14 Cookies

5 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kawaiiface.net Open in urlscan Pro
2606:4700:3035::ac43:9a62 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

92 %
HTTPS

67 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

2614 kB
Transfer

5669 kB
Size

14
Cookies

155 HTTP transactions
6 data transactions