ufonts.com Open in urlscan Pro
2606:4700:3035::6815:126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ufonts.com/
Effective URL:
https://ufonts.com/
Submission: On January 11 via manual (January 11th 2022, 3:53:06 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 19 domains to perform 112 HTTP transactions. The main IP is 2606:4700:3035::6815:126, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufonts.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 7th 2021. Valid for: a year.

This is the only time ufonts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.152.40 172.67.152.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2606:4700:303... 2606:4700:3035::6815:126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:401... 2a00:1450:4019:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:dd1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
4	185.66.201.58 185.66.201.58	201702 (SKHOSTING-EU) (SKHOSTING-EU)
5	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	198.145.13.12 198.145.13.12	2044 (DF-PTL01) (DF-PTL01)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.98 142.250.181.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:401... 2a00:1450:4019:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
112	25

1 172.67.152.40 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ufonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3035::6815:126 (United States)

ASN13335 (CLOUDFLARENET, US)

ufonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.66.200.220 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4019:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.66.201.58 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.58.skhosting.eu

xe9o.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.66.200.127 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.12 (Wilsonville, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fjr04s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4019:800::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	497 KB
24	ufonts.com 1 redirects ufonts.com	188 KB
11	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	103 KB
8	uprimp.com uprimp.com — Cisco Umbrella Rank: 141058	11 KB
5	gstatic.com www.gstatic.com p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com	15 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	2 KB
5	advertica-cdn2.com ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 148362	47 KB
4	xe9o.xyz xe9o.xyz — Cisco Umbrella Rank: 129231	146 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1343 m.addthis.com — Cisco Umbrella Rank: 1311	217 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 258 fonts.googleapis.com — Cisco Umbrella Rank: 37	36 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	111 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8579	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 10412 in.getclicky.com — Cisco Umbrella Rank: 8629	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 745	644 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1539	811 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 348	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 541	33 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	36 KB
112	19

	Domain	Requested by
24	ufonts.com	1 redirects ufonts.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	ufonts.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	uprimp.com	ufonts.com uprimp.com code.jquery.com
5	ylx-i.advertica-cdn2.com	uprimp.com
4	xe9o.xyz	uprimp.com xe9o.xyz
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	s7.addthis.com	ufonts.com s7.addthis.com
2	p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ajax.googleapis.com	ufonts.com ajax.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	in.getclicky.com	static.getclicky.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	code.jquery.com	uprimp.com
1	www.googletagmanager.com	ufonts.com
1	static.getclicky.com	ufonts.com
112	26

This site contains links to these domains. Also see Links.

Domain
yllix.com
old.ufonts.com

Subject Issuer	Validity	Valid
ufonts.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
uprimp.com R3	`2022-01-01` - `2022-04-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
xe9o.xyz R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
ylx-i.advertica-cdn2.com R3	`2021-12-07` - `2022-03-07`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://ufonts.com/
Frame ID: 26D3352B62EC0F8E5388DD0DE6CEDA42
Requests: 53 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=topBanner&pub=741334&format=728x90&ga=g&xt=164191638157354&xtt=412877
Frame ID: 3AFD6A82C49217C1C189FCCAE0A152D3
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4622A335241A7452CD8A60D4BE23AE50
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: C5D42601114FE867A092F3169FF9B0DC
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u68881641916381=true&ad=673873&f=728x90&a=625611&cri=0&s=ZjJkZWY2Y2RmMjA0ZjhkOTZjODMyYzQ2NjcwNmU0OWY=&u=741334&si=226485868&di=36230767&ci=16&h=f4440d187e0ca05edba1ed1971de83bf&cc=DE&https=1&useAf=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Frame ID: C302B41E84C8EDDF623E32DC6B6A5B18
Requests: 5 HTTP requests in this frame

Frame: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCZZdpjAjdjCdZAdrrCxCZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_95284&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1919570837870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: D01F4649653024977BC0DE85980B2A41
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20190131/zrt_lookup.html
Frame ID: 57FBB7C5D7164141B682CD807A13278A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9601603498871760&output=html&adk=1812271804&adf=3025194257&lmt=1641916383&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fufonts.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641916382617&bpp=2&bdt=1159&idt=758&shv=r20220106&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5883338801194&frm=20&pv=2&ga_vid=473284014.1641916382&ga_sid=1641916383&ga_hid=1439391058&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=2100949773222538&pem=326&tmod=238&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=775
Frame ID: 6141CA0F6170998C410FC64BB27C08A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9601603498871760&output=html&h=280&slotname=7077888809&adk=191396302&adf=1938573118&pi=t.ma~as.7077888809&w=840&fwrn=4&fwrnh=100&lmt=1641916383&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fufonts.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641916382619&bpp=2&bdt=1162&idt=778&shv=r20220106&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5883338801194&frm=20&pv=1&ga_vid=473284014.1641916382&ga_sid=1641916383&ga_hid=1439391058&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=169&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=2100949773222538&pem=326&tmod=238&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0CjV25SA1p&p=https%3A//ufonts.com&dtd=783
Frame ID: 2F325C2D781AEA2266636BDA1B60A8F7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2F325F7DE6B0320F7F51323ECD49FBDA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1
Frame ID: DBF116A3E3CD478BD1442685AC95E4A8
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 6780C1D6E4E251092BA43C171B3DA1F6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FEB3B34D72F48D183009C54FFB0B24EB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 54707BC3F7D1025A2DE1BF0DC74F518C
Requests: 2 HTTP requests in this frame

Frame: https://p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: ACA32107A8D7900845675EC1566EFB67
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Frame ID: 41C58EDEEDB1CCCA63CA313E16F559E0
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/banner_show.php?section=General&pub=741334&format=728x90&ga=g&slider=780fb67f02562d80e8b84908ad6eeaa8
Frame ID: 8FE9037D3BF921889138FE02FEA34A42
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Frame ID: 7D76CF1FDCD08D02EA2052182C4848D3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js
Frame ID: 294D5E21D5102C4C4DC6568373CE52E7
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u67081641916385=true&ad=673873&f=728x90&a=625611&cri=0&s=MjQyYTYzZmM1MzY1YTY3NGIyMTFmYjU2MDU3NWQ5ZjA=&u=741334&si=547875495&di=36230767&ci=16&h=7fa9437480e5ded2b93188cb75978352&cc=DE&slider=780fb67f02562d80e8b84908ad6eeaa8&https=1&useAf=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Frame ID: E0AA15B8E96D61528CBE6388A80A1225
Requests: 5 HTTP requests in this frame

Frame: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCApGjGApkACdZAdrrCACZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_49865&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2127805299369&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 4CA5A1960252CA3FFDFFA59FF2336054
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AA39A86BE2A58AD24F84A593002BB81
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F70F7F30655F3550B1F792DD5F0B7B98
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FREE TrueType and OpenType fonts - µfonts

Page URL History Show full URLs

http://ufonts.com/ HTTP 301
https://ufonts.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

112
Requests

97 %
HTTPS

64 %
IPv6

19
Domains

26
Subdomains

25
IPs

6
Countries

1470 kB
Transfer

3722 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://yllix.com/advertisers/741334
Title: Advertise Here!

Search URL Search Domain Scan URL

URL: https://old.ufonts.com/
Title: Go to old site

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ufonts.com/ HTTP 301
https://ufonts.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

112 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ufonts.com/
Redirect Chain

http://ufonts.com/
https://ufonts.com/

25 KB
6 KB

114ms
72ms

Document
text/html

2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094554e8797342c3e1aede22f4240de03e5e84ff2cfeb883e7e2db1a0eb9782a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-type: text/html
cache-control: private
x-welcome: Charlie says Hi! Charlie Says Hi
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5IkRScamTBPGQN2dvjArWlUtv8OcZ20adaMBpZg0QJ99%2F3gihSSL%2FLAKxgnF6MQUQLfz%2FLQctTnwdG%2BSesHQVsT5RTmDqGHSbF6w3Ki%2FkRVcs4IG7ONj2euDBNhDCZ%2BvfZ2rXDPVHC2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6cbf50c7b874fad8-DUS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 11 Jan 2022 15:53:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 11 Jan 2022 16:53:01 GMT
Location: https://ufonts.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtfbP2ytJVTpY055SkDCCQ2bIOD1f791a63e2nNbAmsJ5JShTmu6gcia65E1Wn1yHe8m0yAuX7dqCbnWjQG1V56PlnrfpHHWTjmesfnp2IBJ9fuegXnNBwlX4mLr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6cbf50c73ce54168-HAM
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 12CN1DG73zWJqBie35NkSKHb6o8.js Show response
ufonts.com/cdn-cgi/apps/head/ 13 KB
5 KB 45ms
43ms Script
application/javascript 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/cdn-cgi/apps/head/12CN1DG73zWJqBie35NkSKHb6o8.js
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f5b513591babf7aca84392165e2e2cf3591e09c4da3e0742a8d4a245738782c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1309100
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 4MNXMCQY9FY2MMCN
x-amz-id-2: nZlVrT0U76+BZ6zE1M33nI9EOEtsvmNE4sVFF+ZvIhyuY3yRVYBq89VRN2+qAS5+EeQFqPozouE=
last-modified: Mon, 09 Aug 2021 12:22:10 GMT
server: cloudflare
etag: W/"1bbac749eb8dc12d809bacaf8dc8d14c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRGn%2FT0hg5IHrbs83j0T3DPPnPLmfYvqSC9ahslv9yBY5tBlZYw6C%2BxXedJ%2FEazUatdoBcZmVc8sPJHLHdK5mYoi%2FhMOuYZjaD2XS8y1%2BVRLu6l%2FN10imX6Uu6zuVySXnDN7tdpYYgzd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: nf.3DDj6ybx2MGjtaDWzlaLbkuH6tYLG
cf-ray: 6cbf50c85999fad8-DUS

GET
H2 200 stylex.css
ufonts.com/ 10 KB
3 KB 52ms
51ms Stylesheet
text/css 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/stylex.css
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35da1ece24174156f77141f4e896c7577aa29cac64ff778c4b48580938426180

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75025
cf-polished: origSize=12891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Oct 2019 14:16:40 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: W/"6d2c3fd23e8bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d36T%2FasmmOUX%2B2R3icBNMswzTZF91i5C69a4ivFSA3apjCbuxb8Ptax0AguWQMFp5vIiQkNVM%2B8kWov3Z6AZzSWCtD6K4OKzgFfAasStAO5G5X1qAdS5WN6oGpREtEQvtcWBVaA%2FNzyv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6cbf50c8599cfad8-DUS
cf-bgj: minify

GET
H2 200 slider.php Show response
uprimp.com/ 2 KB
2 KB 139ms
42ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/slider.php?section=General&pub=741334&ga=g&side=random
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 07aac2d92951de4f50bfb02c62483a2d2c69002c60a80988fa83d5686ec7915c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:01 GMT
last-modified: Tue, 11 Jan 2022 15:53:01 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Tue, 11 Jan 2022 15:53:01 GMT

GET
H2 200 jquery.js Show response
ufonts.com/js/ 132 KB
40 KB 50ms
49ms Script
application/javascript 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/js/jquery.js
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a03c3e23a14d39c325cd7434b2b1901f926212fd8b8d85ad2e98e7467bc388d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82115
cf-polished: origSize=245183
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Oct 2019 23:07:28 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: W/"208fd7f8888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAM0bDMxfdyvZHumI3hPds2Q5Dc19XED1X%2Bd88J2QOTcQ8O0MGB085EpeOJ8RKlbFn%2Fwyl66ADm5r4LAY0lNmkT5HEsAB%2FpsrRRd5sfxe7k%2BGgPMbjXyGyBZ5d%2Br6F4nTKl%2F4FxIyxmc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6cbf50c8599dfad8-DUS
cf-bgj: minify

GET
H2 200 jquery-ui.js Show response
ufonts.com/js/ 243 KB
59 KB 52ms
51ms Script
application/javascript 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/js/jquery-ui.js
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2cf3961b5fa6b9fb9da0a47805b1dd1631afda4c8108ffc99a1da0f18816dcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82115
cf-polished: origSize=388071
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Oct 2019 23:07:28 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: W/"ced5af9888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m48VracuCpAIqZfORKy0DwcvDvR8hqTah3DsRrjgBkhXaSjSmYkAmCzR7FIsBC9gwjxFvROENtpkKb1%2ByI49%2FwjH414Z9YqwIyJQtq%2FpxvMcbIdOdl9M8f%2BsCOnjt1LXkHsr0c2XALm7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6cbf50c859a4fad8-DUS
cf-bgj: minify

GET
H2 200 nav.js Show response
ufonts.com/js/ 942 B
606 B 70ms
69ms Script
application/javascript 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/js/nav.js
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db867f5f6da589a0db7cec191c15aee56709a25400a62937d05642809d7e9ce4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82115
cf-polished: origSize=2464
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Oct 2019 23:07:27 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: W/"537b8cf8888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QajTqboWNghh1nn8PTpAyBDEO9wSCEqVahGKRE7HYrUQ69ubjQ5LK7ULFFCbhlXGq4dA1%2BniXpS6hZ4pTU05uTm2TDeYSSttYwZKuWrRDquMM9pld194lv%2B0vzJhrIlSepqLC1Xa%2BzKG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6cbf50c859a6fad8-DUS
cf-bgj: minify

GET
H3 200 cookie.js Show response
ufonts.com/js/ 10 KB
3 KB 119ms
118ms Script
application/javascript 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/js/cookie.js
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcd849902f640a1929170da52cf11f931f045f0cdff93af10f798af9698f0049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12572
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Oct 2019 23:07:28 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: W/"ce6d16f9888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NL0E1F16j%2BTX93huaCZDAjCtcogRc%2FgPxAcAsvLBJEZahzL3sHMPDzQnEoh8F%2FX3WdICNOy4Oa6%2Fd3Ki4%2BV804%2Fooss%2FUZEyhCBPVa9reGaIXWfN5w8jlzWGBWeK0wjQu3SNt3PxD093"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6cbf50c92f9459d1-MXP
cf-bgj: minify

GET
H3 200 noframes.js Show response
ufonts.com/js/ 230 B
794 B 44ms
44ms Script
application/javascript 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/js/noframes.js
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d47e250c32345ba95132b6bc268455582827e47ce0cd2c4d39ce27d731e6302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19295
cf-polished: origSize=236
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 25 Oct 2019 23:07:27 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: W/"99f97f8888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vK6K7UECTzlsjo7GuHvg4JlsmDgDiwVHhcXvNxtgErnVtMPn4io6v2Fn4zOuM%2B8J0%2BP5%2F51D0HEvcwW7zkG8teBcRTv0mrlNrD4ztVIFoL3Wc2sb8V3HrHGY0d8NO0pKhp05qvdBQSKP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6cbf50c94fe759d1-MXP
cf-bgj: minify

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/ 33 KB
34 KB 49ms
7ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css

Requested by

Host: ufonts.com
URL: https://ufonts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32445f1f46f11c640971c30dfe08e42b494a9bc1618480fdd13931cee822f8d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 05:37:00 GMT
x-content-type-options: nosniff
age: 555361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:37:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 746ms
373ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ufonts.com
URL: https://ufonts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3359622a102831c9b10e5b02f1c05ae3c2ea6d7b349207ff6d6f51b829d23e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51852
x-xss-protection: 0
server: cafe
etag: 14823738021225115220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 15:53:02 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 73ms
36ms Script
text/javascript 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Jan 2022 21:34:02 GMT
server: cloudflare
age: 411539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 18 Jan 2022 15:53:01 GMT
cache-control: public, max-age=604800
cf-ray: 6cbf50c979e101e3-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-proxy-cache: HIT

GET
H3 200 menu.png
ufonts.com/gfx/ 141 B
739 B 132ms
129ms Image
image/png 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/gfx/menu.png
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7efea8f7e4fd16b84faed219d2e42b5b7a3f2097a9c80deb1fd4f2750353de75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 141
last-modified: Fri, 25 Oct 2019 23:01:23 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "30cc381f888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSE8muwnU5YCVSaU8VEzazTca4aSfzLfAmlQeNwnAvwbfD4T6SOUCMvhNt3cb9kHMvJRs7D34wdXxOB%2FRyYcf9b9czHnzjRwzdsDdgcTMadNPUGlarafzdfPmmLi1FNZTfxsW1%2BJ%2FOFA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94fea59d1-MXP

GET
H3 200 sideicon.png
ufonts.com/gfx/ 302 B
898 B 121ms
118ms Image
image/png 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/gfx/sideicon.png
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b81ac143fb46a3312a4aaefea5a61ce1906abb07094eb147e790bb893b66b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 302
last-modified: Fri, 25 Oct 2019 23:01:21 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "6a5d391e888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaOfPdS4ZWlUzXEGibOx8oxqNSpUMJnR3yWJNEmXGI6ToWC0B9y0u3S17iMQQhKo%2BkyU7iRHKptn2U0awRan9fFtBQNoVEdOtXo64MbqrHHbQ0OhuGOxIWkeGdTbh86WV7bbSCI6LxMn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94fee59d1-MXP

GET
H3 200 oldnews.gif
ufonts.com/gfx/ 84 B
685 B 131ms
127ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/gfx/oldnews.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7ec6a7103b2f29e582c930ea8d97a6c383ea1833194243b89b481a01c4829b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 84
last-modified: Fri, 25 Oct 2019 23:01:22 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "10fce81e888bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWG%2BJ%2Bq7%2BzutM4PV9HdnenXYM%2BduKHNVOVMvPRNuTLkEOy4mpwBTocqdhiVa5kCiHWHGOI2E2%2BBd1yAfX23b9Tb9ltxJa3rhlpMn8BazrAyuivosrSHt88ORGVCIvTSEy5GsxQahsf2J"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94fef59d1-MXP

GET
H3 200 hq5FH2-2hYO5rwl73KLONCQ8wvE.js Show response
ufonts.com/cdn-cgi/apps/body/ 7 KB
3 KB 482ms
479ms Script
application/javascript 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufonts.com/cdn-cgi/apps/body/hq5FH2-2hYO5rwl73KLONCQ8wvE.js
Requested by: Host: ufonts.com
URL: https://ufonts.com/cdn-cgi/apps/head/12CN1DG73zWJqBie35NkSKHb6o8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e178c5fd15bda98a0f61e02f9b785df5075eefae1f91fd277ae187c62996a874

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:02 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BP3ZGSHC1Y00W3J9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-version-id: iDGduySrtM8yxDKzDsvgKGZwhVA2MlCY
x-amz-id-2: HYWzm6EqItF5fWwcTfXabkqgtmd/oEHw0WbfmbX/w180BddkRLzAcxDaVEb6unxNs0UlbQVIu7Q=
last-modified: Mon, 09 Aug 2021 12:22:10 GMT
server: cloudflare
etag: W/"47aff914f9f878cc2745ba27a26c7e7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLaO7D5k0d%2BBIJfmtavojTU%2BpwFxxVZboPy9ASSkK9qH5dH%2Bqr5R8XmNxhNM5cuCbCq2cKEiiV%2BpSlRHzLyIrYZI59G%2FoH7lsUFlHVy8bAzph2ySSDG6CM4VmFXdo1AcHam%2BfYgmDiky"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6cbf50c94ff259d1-MXP

GET
H3 200 gotham-extralight_font_149707.gif
ufonts.com/preview2/ 6 KB
6 KB 190ms
187ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/gotham-extralight_font_149707.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c845a67ffe983ed11b04eb333cb311d10639ca9fa85b14cdc66e7b8839a4da32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5729
last-modified: Fri, 02 Mar 2012 19:30:52 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "bc31d7faaaf8cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOwvTMnyy8Jx4n2Q0niwefEP20PG3mLkKRtpELymK6JdU5fZfwzdKuJjV7psRfqLm3v4XLrilMc8eJGrPdGD44UGjXnc%2BI%2Fa9AXFSTalcapwNpz2ox5NuKknn24qChUL%2F2A7LtS8yxqL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94ff559d1-MXP

GET
H3 200 aller-display_font_550319.gif
ufonts.com/preview2/ 5 KB
6 KB 183ms
180ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/aller-display_font_550319.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 156428ba6bd41fcd10d25b81801270248d3c87537755925982cc18acedbaa17c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5569
last-modified: Thu, 21 Jun 2018 18:03:40 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "cd831a2f8a9d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfswqTDB5Hqekn%2B4DCJXfswxx%2BOY96udgEeie4kPqzxG2fxKFEdjyK7rQoA2A2Z3NHFUeU40xot4bQVi4PQlmGhwDGzJ6SLFVnDKO54jBIfTkwq4SG0YZ2MHqeZaQffaelen9gO8c3yj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94ff659d1-MXP

GET
H3 200 infinite-justice_font_158023.gif
ufonts.com/preview2/ 6 KB
7 KB 192ms
189ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/infinite-justice_font_158023.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a1cedc946476013e7408a6a25c9fbe7bc20ddf6ac437353f26a73823143f4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6088
last-modified: Fri, 02 Mar 2012 19:47:00 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "2c7e93cadf8cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWHl4mMGAc%2FDSAhXkOb8WSridHVEVsLYhIYIMkxt0HCz0E1%2BQogLZFLQg1BIhOUue4%2FAF93p18Utx2S0us6He9vktEpV9L%2FHW08nqZhZEaqkTyatjw%2Bg1XvgbLtJGZGuW40ZpvMGtOu5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94ff759d1-MXP

GET
H3 200 kruti-tamil-010_font_555175.gif
ufonts.com/preview2/ 6 KB
7 KB 165ms
163ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/kruti-tamil-010_font_555175.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197f350c3ff332db3d2a25b895a26b8aad8f073212da19d4c8e63eedc8cb9240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6563
last-modified: Thu, 21 Jun 2018 18:10:44 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "115ee52b8b9d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnrFApkBZW2nSruupZ0366fDRmDuOUCzfAk5Bxr0vLtdqTx56oqP2TEoDoOyT088QlCvqJT1dvxa36hxEPFURhJD5pRKcsP7TMGQx%2F6NLeGYsN0vtmmQ4zpqGTxVHyJ60I6mV%2Fff9gkx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94ff959d1-MXP

GET
H3 200 bauhaus-93_font_23328.gif
ufonts.com/preview2/ 5 KB
6 KB 158ms
155ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/bauhaus-93_font_23328.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc9e663a054e8bd3d7a3fe3b38180aac6d82f8d8058e3959a59f8e0c35388cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5280
last-modified: Fri, 02 Mar 2012 17:10:15 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "669e145697f8cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w04PGPNahe9lgqR2Id%2Bdfw%2FW82vSEp%2Fk%2FbG6ESHPRLE8W1ITr5aw4LYuOcwxMGZljWdWhKgyPgN4mLV2jH82%2BY1w5n6mlhSDK1FfI9teV8emnyJ%2FxHsCwdwsuHnfVTGliD8GEFQJazFp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94ffb59d1-MXP

GET
H3 200 tribunussg-italic_font_94824.gif
ufonts.com/preview2/ 6 KB
6 KB 174ms
171ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/tribunussg-italic_font_94824.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273db78868eaa12521fd80867ddf82c25d7ee358bca435e21136813f805fdcfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5979
last-modified: Sat, 26 Oct 2019 08:15:31 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "029a488d58bd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4WeaCj4SqniEuUYoTxSjxzqKqR5u7JhCEiKilC3EaBJWkkwSqIbFNikOJRsSZiI4IBaohOTSDxTCa3Qdn5YJ4DonmMozU89XXpJOJR5gCDpLJryzzgsXIOPqJNtwsXhN8Fm81yv1tYE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94ffe59d1-MXP

GET
H3 200 american-typewriter_font_195489.gif
ufonts.com/preview2/ 7 KB
7 KB 175ms
172ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/american-typewriter_font_195489.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0280cd19481188fbdbe4075109f35e3c21bf5492cffa46a9c51fb27c553da259

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6837
last-modified: Fri, 02 Mar 2012 18:29:57 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "b89c3278a2f8cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KL%2FuB3L006nSQfJ64isQ%2FGmWjEY37rkSEw6Y7tIyROy2v4uXopxCrSiKPJU7si9S7eVn%2ByOQ3MxXiyoOzHMoDYgAROXf2JZ6FEIQ3uZRQmFBpoQIT%2FzM1iAT2W%2BrwbFG0qO9Xg94MlJr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c94fff59d1-MXP

GET
H3 200 futura-xblkcn-bt-extra-black_font_142334.gif
ufonts.com/preview2/ 6 KB
6 KB 183ms
180ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/futura-xblkcn-bt-extra-black_font_142334.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71a34ea833032da0aa014174811105c44ae02706bb5f0032ded257fde67a17dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5925
last-modified: Fri, 02 Mar 2012 19:26:00 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "bc87cb4caaf8cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5%2F3IPY207lLdZMaS11iNFxND433mMGzEze2NeTJSb7o38aQaL18AbwMvTAq2%2Fe2j6o7n96qIqmQz%2FDYiTWZXcz33MeG7v6NDaBFt20lzwe1EzUgS7mUl11s%2B2DBzLppYb0uOgGawuWv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c9480059d1-MXP

GET
H3 200 killian-regular_font_164891.gif
ufonts.com/preview2/ 5 KB
6 KB 539ms
536ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/killian-regular_font_164891.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb390db75f22f09e7fc2f24895418abb70ec68dcd3fab7f88f49113e6122443c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5109
last-modified: Fri, 02 Mar 2012 18:44:11 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "c966375a4f8cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bed9ngDMPpzYqZoY308Vi%2FFHW8rAGU82sShu8L1O5Vevs3EO57axIvLlapwpM8OkWfzpFldto7mS6e1UzSyuZvpPVIoAVDZq4QRXZ%2BCihGnVn%2BxzjA1Al1W63O5xE365s7GgBlCOC8Gl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c9480359d1-MXP

GET
H3 200 filosofia_font_137255.gif
ufonts.com/preview2/ 5 KB
6 KB 3130ms
3127ms Image
image/gif 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/preview2/filosofia_font_137255.gif
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a399774868dfc3f92127f335fa15cbb48aeda022f30229796e6070aee870cb74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5159
last-modified: Fri, 02 Mar 2012 19:15:36 GMT
server: cloudflare
x-welcome: Charlie Says Hi
etag: "e63afd8a8f8cc1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtmErJYYSxt5vQhr%2FctepjQ8OiHUbKzDv1GLjQAb8DtGYUzGKf%2BFuwPofDVHnryrc6OUPqj1PmtuS6sDHQCeapPsNkJu%2FUPgoBliGaVTNGrA7tPOc%2BHkfzU6WOrqjp0GXFScC5F77edA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6cbf50c9480459d1-MXP

GET
H2 200 bnr.php Show response
uprimp.com/ 374 B
628 B 56ms
38ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=topBanner&pub=741334&format=728x90&ga=g
Requested by: Host: ufonts.com
URL: https://ufonts.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 9fff4c21fff42883822ef08814ebecc0e1dfd9108856a16b2dcc16d38e45a70b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:01 GMT
last-modified: Tue, 11 Jan 2022 15:53:01 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Tue, 11 Jan 2022 15:53:01 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 35ms
10ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ufonts.com
URL: https://ufonts.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 11 Jan 2022 15:53:01 GMT
x-host: s7.addthis.com
content-length: 116406

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 45ms
19ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100464772-1

Requested by

Host: ufonts.com
URL: https://ufonts.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

625684ea8fe83a7c4cf1a4331faea079c62dce467d72bf171cb25e11cb32b7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36279
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jan 2022 15:53:01 GMT

GET
H2 200 jquery-1.7.2.min.js Show response
code.jquery.com/ 93 KB
33 KB 68ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: uprimp.com
URL: https://uprimp.com/slider.php?section=General&pub=741334&ga=g&side=random
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: "54499a47-17278"
vary: Accept-Encoding
x-hw: 1641916381.dop203.ml1.t,1641916381.cds205.ml1.hn,1641916381.cds219.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33626

GET
H3 200 button-bg.jpg
ufonts.com/ 2 KB
2 KB 130ms
129ms Image
text/html 2606:4700:3035::6815:126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufonts.com/button-bg.jpg
Requested by: Host: ufonts.com
URL: https://ufonts.com/stylex.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/stylex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
cf-cache-status: BYPASS
x-welcome: Charlie says Hi!, Charlie Says Hi
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai63UM8K%2B30%2FbqUJFXKg3iuYkaKzro3cm6Bs1sF9EV3W58aoJTvVNbn08wUo2Xg6FB7b0esyAlrYNyBmGpKbvlVOchFaIvir4BPNIU0iu9OAsNWAae3CkUPV5F7xivVm28MBK%2F7Q9DDR"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6cbf50c9480559d1-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 3AFD 1 KB
2 KB 123ms
123ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=topBanner&pub=741334&format=728x90&ga=g&xt=164191638157354&xtt=412877
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=topBanner&pub=741334&format=728x90&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: a98d433c1134c8300aed6fa9a4e402c174f72d3c5a9d697186b005f6f137e782

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

server: nginx
date: Tue, 11 Jan 2022 15:53:01 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 11 Jan 2022 15:53:01 GMT
last-modified: Tue, 11 Jan 2022 15:53:01 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 60ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=54480
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3 200 ui-bg_flat_75_ffffff_40x100.png
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/images/ 178 B
205 B 24ms
8ms Image
image/png 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 06:28:49 GMT
x-content-type-options: nosniff
age: 552252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:28:49 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5931e97d72507f22/ 2 KB
811 B 259ms
258ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5931e97d72507f22/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a8765d5e3aac1d4dd3fcbc8e692518406876f7dc7d867bd07fdff363c74ec1a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: gzip
etag: 1896742259--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 635

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 159ms
158ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61dda7dd108f1df9&bkl=0&bl=1&pdt=562&sid=61dda7dd108f1df9&pub=ra-5931e97d72507f22&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ufonts.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=free%20fonts%2Ctrue%20type%20fonts%2Copen%20type%20fonts%2Cfree%20typefaces%2Ctrue%20type%2Cfreeware%20fonts%2Ctypography%2Cfont%20archive%2Cfont%20collection%2Cdownload%20free%20fonts&colc=1641916381724&jsl=1&uvs=61dda7dd578f5047000&skipb=1&callback=addthis.cbs.jsonp__86873519186557520
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 38c189becc1f737da8877966a28e9bddba05a1b9d975029c2d595dfbf2f36c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:01 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4622 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame C5D4 71 KB
26 KB 131ms
130ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 11 Jan 2022 15:53:01 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100464772-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3115
date: Tue, 11 Jan 2022 15:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 11 Jan 2022 17:01:06 GMT

GET
H2 200 show.php Show response
uprimp.com/ Frame C302 2 KB
2 KB 44ms
44ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u68881641916381=true&ad=673873&f=728x90&a=625611&cri=0&s=ZjJkZWY2Y2RmMjA0ZjhkOTZjODMyYzQ2NjcwNmU0OWY=&u=741334&si=226485868&di=36230767&ci=16&h=f4440d187e0ca05edba1ed1971de83bf&cc=DE&https=1&useAf=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=topBanner&pub=741334&format=728x90&ga=g&xt=164191638157354&xtt=412877
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: a28881998a8705ca2040cd7f0e3ec1b995c41660ffe5b9bee1a874ac21973b06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/bnr_xload.php?section=topBanner&pub=741334&format=728x90&ga=g&xt=164191638157354&xtt=412877

Response headers

server: nginx
date: Tue, 11 Jan 2022 15:53:01 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 11 Jan 2022 15:53:01 GMT
last-modified: Tue, 11 Jan 2022 15:53:01 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1439391058&t=pageview&_s=1&dl=https%3A%2F%2Fufonts.com%2F&ul=en-us&de=UTF-8&dt=FREE%20TrueType%20and%20OpenType%20fonts%20-%20%C2%B5fonts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1439532252&gjid=581610821&cid=473284014.1641916382&tid=UA-100464772-1&_gid=1624361322.1641916382&_r=1&gtm=2ou150&z=674327073

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufonts.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ufonts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
435 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-100464772-1&cid=473284014.1641916382&jid=1439532252&gjid=581610821&_gid=1624361322.1641916382&_u=YEBAAUAAAAAAAC~&z=1194749536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ufonts.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 11 Jan 2022 15:53:01 GMT
content-type: text/plain
access-control-allow-origin: https://ufonts.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
xe9o.xyz/08c73116f6/82b174e040/ Frame C302 1 KB
935 B 106ms
35ms Script
application/javascript 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCZZdpjAjdjCdZAdrrCxCZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_95284&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u68881641916381=true&ad=673873&f=728x90&a=625611&cri=0&s=ZjJkZWY2Y2RmMjA0ZjhkOTZjODMyYzQ2NjcwNmU0OWY=&u=741334&si=226485868&di=36230767&ci=16&h=f4440d187e0ca05edba1ed1971de83bf&cc=DE&https=1&useAf=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 720a13f7841fa7805807379b2782b2e0586dd473d3f705960871b335b6d0aae4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_upk7x1.png
ylx-i.advertica-cdn2.com/aff/ Frame C302 22 KB
22 KB 127ms
36ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u68881641916381=true&ad=673873&f=728x90&a=625611&cri=0&s=ZjJkZWY2Y2RmMjA0ZjhkOTZjODMyYzQ2NjcwNmU0OWY=&u=741334&si=226485868&di=36230767&ci=16&h=f4440d187e0ca05edba1ed1971de83bf&cc=DE&https=1&useAf=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 224bb06234df291883a230938dccb15657d699a646cc98f26fa13e10f63fc540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:05 GMT
server: nginx
etag: W/"583d6825-5642"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Thu, 10 Feb 2022 15:53:01 GMT

GET
H2 200 logo_p_small.png
ylx-i.advertica-cdn2.com/ Frame C302 2 KB
2 KB 164ms
74ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_p_small.png?1480628811
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u68881641916381=true&ad=673873&f=728x90&a=625611&cri=0&s=ZjJkZWY2Y2RmMjA0ZjhkOTZjODMyYzQ2NjcwNmU0OWY=&u=741334&si=226485868&di=36230767&ci=16&h=f4440d187e0ca05edba1ed1971de83bf&cc=DE&https=1&useAf=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 3bf667359356fafe2d656edaced3f3fdbd8279434739be05b192c8630ac73a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:01 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:51 GMT
server: nginx
etag: W/"58409a4b-675"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Thu, 10 Feb 2022 15:53:01 GMT

GET
H2 200 /
uprimp.com/trk/ Frame C302 43 B
268 B 47ms
47ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?f4440d187e0ca05edba1ed1971de83bf
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u68881641916381=true&ad=673873&f=728x90&a=625611&cri=0&s=ZjJkZWY2Y2RmMjA0ZjhkOTZjODMyYzQ2NjcwNmU0OWY=&u=741334&si=226485868&di=36230767&ci=16&h=f4440d187e0ca05edba1ed1971de83bf&cc=DE&https=1&useAf=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/show.php?u68881641916381=true&ad=673873&f=728x90&a=625611&cri=0&s=ZjJkZWY2Y2RmMjA0ZjhkOTZjODMyYzQ2NjcwNmU0OWY=&u=741334&si=226485868&di=36230767&ci=16&h=f4440d187e0ca05edba1ed1971de83bf&cc=DE&https=1&useAf=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:01 GMT
last-modified: Tue, 11 Jan 2022 15:53:01 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 in.php Show response
in.getclicky.com/ 138 B
434 B 442ms
147ms Script
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101264340&type=pageview&href=%2F&title=FREE%20TrueType%20and%20OpenType%20fonts%20-%20%C2%B5fonts&res=1600x1200&lang=en&jsuid=974717578&mime=js&x=0.1859894865114209
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Wilsonville, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 28c009b3cabe983c3b0c2245d5fd5b722125ffdce39488039ea8d670996a183c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
xe9o.xyz/08c73116f6/82b174e040/ Frame D01F 112 KB
72 KB 78ms
78ms Document
text/html 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCZZdpjAjdjCdZAdrrCxCZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_95284&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1919570837870&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCZZdpjAjdjCdZAdrrCxCZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_95284&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_328497b4e15734dff8082bc0d306241652c3b_2633299_1641916381.752_17340&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: d7748b87294731fbb66702b0c7122861dbf526924fdd2eb8d99e7ae430668447

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/

Response headers

server: nginx
date: Tue, 11 Jan 2022 15:53:01 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 10ms
9ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 11 Jan 2022 15:53:01 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
DATA 200
OK truncated
/ Frame D01F 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fafe30aca809c3b69b241a1601a0a6648cf478a09923436d21ee0805bfa0d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D01F 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f11bb7d6c88bb87be6ee5cdc0d74d6edca77ea902c2a5c9509e4ebac511d020b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/ 282 KB
101 KB 491ms
261ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9601603498871760&plah=ufonts.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e76464bb5158c3ad0b7e691337453142fa32db46735845ab3780c7999414a8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103758
x-xss-protection: 0
server: cafe
etag: 13271785760069499481
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 15:53:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220106/r20190131/ Frame 57FB 11 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220106/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 10 Jan 2022 16:54:24 GMT
expires: Mon, 24 Jan 2022 16:54:24 GMT
content-type: text/html; charset=UTF-8
etag: 13671712056976469594
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
age: 82718
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 615ms
235ms Script
text/javascript 142.250.181.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ufonts.com&callback=_gfp_s_&client=ca-pub-9601603498871760

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9601603498871760&plah=ufonts.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fjr04s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5b16b598f8e894be3ccdeb19c3e311de0b11b630b1ffde7d63801fb1f924f339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 68ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ufonts.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 15:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 55ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ufonts.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 15:53:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 241ms
241ms Image
image/gif 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fufonts.com%2F&tn=DIV&cls=cc-cookies%20&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: ufonts.com
URL: https://ufonts.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6141 250 KB
60 KB 664ms
649ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9601603498871760&output=html&adk=1812271804&adf=3025194257&lmt=1641916383&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fufonts.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641916382617&bpp=2&bdt=1159&idt=758&shv=r20220106&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5883338801194&frm=20&pv=2&ga_vid=473284014.1641916382&ga_sid=1641916383&ga_hid=1439391058&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=2100949773222538&pem=326&tmod=238&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=775

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

779ad36a6a6e137f3815a65e3baecd305e7019c21ba58fca1e657b9b451e67a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 11 Jan 2022 15:53:04 GMT
server: cafe
content-length: 61725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Jan 2022 15:53:04 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F32 70 KB
27 KB 869ms
863ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9601603498871760&output=html&h=280&slotname=7077888809&adk=191396302&adf=1938573118&pi=t.ma~as.7077888809&w=840&fwrn=4&fwrnh=100&lmt=1641916383&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fufonts.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641916382619&bpp=2&bdt=1162&idt=778&shv=r20220106&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5883338801194&frm=20&pv=1&ga_vid=473284014.1641916382&ga_sid=1641916383&ga_hid=1439391058&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=169&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=2100949773222538&pem=326&tmod=238&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0CjV25SA1p&p=https%3A//ufonts.com&dtd=783

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8403b806d50b7d3b33c026cdeec7588fb8091c878f1ffab73b17700ff87ba8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 11 Jan 2022 15:53:04 GMT
server: cafe
content-length: 27524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Jan 2022 15:53:04 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/ 149 KB
53 KB 292ms
292ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201040101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a390046d86de6e6ac256bec2b8bd078d54c969c5f4de29b8abad87658b80a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54216
x-xss-protection: 0
server: cafe
etag: 13774833885626110041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Jan 2022 15:53:04 GMT

GET
H2 200 15594775858049694827
tpc.googlesyndication.com/simgad/ Frame 2F32 118 KB
119 KB 672ms
315ms Image
image/png 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15594775858049694827?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnH1lu1NPvCl5Vw-wC1oFNtHx5CFA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9601603498871760&output=html&h=280&slotname=7077888809&adk=191396302&adf=1938573118&pi=t.ma~as.7077888809&w=840&fwrn=4&fwrnh=100&lmt=1641916383&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fufonts.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641916382619&bpp=2&bdt=1162&idt=778&shv=r20220106&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5883338801194&frm=20&pv=1&ga_vid=473284014.1641916382&ga_sid=1641916383&ga_hid=1439391058&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=169&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=2100949773222538&pem=326&tmod=238&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0CjV25SA1p&p=https%3A//ufonts.com&dtd=783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9b19bac6849e742b83af709a6e01f635f9e532bbdc6bc266201fd3bfbf6d949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 16:48:47 GMT
x-content-type-options: nosniff
age: 83057
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121173
x-xss-protection: 0
last-modified: Wed, 29 May 2019 04:19:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 16:48:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/ Frame 2F32 19 KB
8 KB 512ms
155ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:52:48 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 2F32 2 KB
1 KB 632ms
280ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:47:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F32 120 KB
37 KB 65ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641817384012296"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jan 2022 15:53:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 2F32 15 KB
6 KB 597ms
244ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 10427043382315408254
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:46:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 2F32 27 KB
11 KB 638ms
285ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb168dee1eb24ea259f0e913b5a0cdd7c420532918f099d99f6ff24ba645c77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11395
x-xss-protection: 0
server: cafe
etag: 4908220303311642523
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 17:47:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2F32 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQVd036fdYbKJHM20YKewr8gJ9ae_9Fz07sHexwvAjbcBEAEgmfWpEmCV4pCCoAegAfmSlbkDyAECqAMByAPJBKoEzAFP0JBZ5muyM_KClhK-eap9thm-FYyVUUtCeyX5TU892K-a89C34ES3-CbtHPZNIYDTQumOUStrl3YsZTH1P_wKWC_gKM2bUdssUQUmLKbmwgKWF_j_EVAkR9GgR23JERJ1MFm4bt7w81bL_NNFzH_MF9NYrtsY9mTcOdrvxIy9jvCxkysrWOk0jF9wTdAxzoXV1LUf0HXuoTwYvmzDVS7b5RAWZ6tTkVIu1hRcwXtoM6qdOUpJkcyAOKPnVV879lSoGI05aPje4ijhuj_ABP_k0N_aApIFBAgEGAGSBQQIBRgEoAYCgAfv7OpGqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ9rFA0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTk2MDE2MDM0OTg4NzE3NjAYAA&sigh=WplGNOMd69c&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9601603498871760&output=html&h=280&slotname=7077888809&adk=191396302&adf=1938573118&pi=t.ma~as.7077888809&w=840&fwrn=4&fwrnh=100&lmt=1641916383&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fufonts.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641916382619&bpp=2&bdt=1162&idt=778&shv=r20220106&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5883338801194&frm=20&pv=1&ga_vid=473284014.1641916382&ga_sid=1641916383&ga_hid=1439391058&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=169&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=2100949773222538&pem=326&tmod=238&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0CjV25SA1p&p=https%3A//ufonts.com&dtd=783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 11 Jan 2022 15:53:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Jan 2022 15:53:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 38ms
19ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ufonts.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ufonts.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/ Frame 2F32 11 KB
5 KB 10ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 10 Jan 2022 17:31:01 GMT
expires: Mon, 24 Jan 2022 17:31:01 GMT
content-type: text/html; charset=UTF-8
etag: 13671712056976469594
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
age: 80523
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/ Frame DBF1 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 10 Jan 2022 17:31:01 GMT
expires: Mon, 24 Jan 2022 17:31:01 GMT
content-type: text/html; charset=UTF-8
etag: 13671712056976469594
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
age: 80523
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 2F32 4 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 14:02:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 11 Jan 2022 15:53:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jan 2022 15:53:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2F32 205 B
743 B 31ms
10ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 10:39:19 GMT
x-content-type-options: nosniff
age: 18825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 11 Jan 2023 10:39:19 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2F32 604 B
696 B 31ms
10ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 19:23:58 GMT
x-content-type-options: nosniff
age: 332946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Jan 2023 19:23:58 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/elements/html/ Frame 2F32 19 KB
8 KB 310ms
256ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e26438578c1cd63768168574b24b13209fd23756b5e7fe5be9047c7710c66172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8398
x-xss-protection: 0
server: cafe
etag: 11301563466702986777
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:33:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/ Frame DBF1 19 KB
8 KB 172ms
126ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:52:48 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame DBF1 2 KB
1 KB 562ms
516ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:47:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBF1 120 KB
37 KB 56ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641817384012296"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jan 2022 15:53:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame DBF1 15 KB
6 KB 188ms
143ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 10427043382315408254
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:46:20 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame DBF1 27 KB
11 KB 561ms
517ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb168dee1eb24ea259f0e913b5a0cdd7c420532918f099d99f6ff24ba645c77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11395
x-xss-protection: 0
server: cafe
etag: 4908220303311642523
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jan 2022 17:47:22 GMT

GET
H2 200 13924605647384150551
tpc.googlesyndication.com/simgad/ Frame DBF1 22 KB
22 KB 571ms
527ms Image
image/png 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13924605647384150551?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmw2GILQi2m1qcCzN4JH0iJ_LlUjw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be2e04cecbcfd781b640159d04691b2add96725759f769d0a253727dd74b3c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:20:47 GMT
x-content-type-options: nosniff
age: 81137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22095
x-xss-protection: 0
last-modified: Mon, 27 Nov 2017 05:43:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Jan 2023 17:20:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6780 6 KB
670 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 14:04:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 11 Jan 2022 15:53:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jan 2022 15:53:04 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 6780 1 KB
954 B 524ms
524ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:44:22 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/ Frame 6780 19 KB
8 KB 505ms
505ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:52:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:52:48 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 6780 2 KB
1 KB 521ms
521ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:47:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6780 120 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641817384012296"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jan 2022 15:53:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/ Frame 6780 15 KB
6 KB 508ms
507ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220106/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 10427043382315408254
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Jan 2022 15:46:20 GMT

GET
H3 200 b08052bb948632636d2eb594b39baf17.js Show response
www.gstatic.com/mysidia/ Frame 6780 27 KB
11 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 16:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11476
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 08:39:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 07 Apr 2022 16:24:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEB3 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 11 Jan 2022 15:04:55 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEB3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

141ms
141ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 15:53:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Jan 2022 15:53:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 15:53:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5470 143 B
163 B 9ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9601603498871760&output=html&h=280&slotname=7077888809&adk=191396302&adf=1938573118&pi=t.ma~as.7077888809&w=840&fwrn=4&fwrnh=100&lmt=1641916383&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fufonts.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641916382619&bpp=2&bdt=1162&idt=778&shv=r20220106&mjsv=m202201040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5883338801194&frm=20&pv=1&ga_vid=473284014.1641916382&ga_sid=1641916383&ga_hid=1439391058&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=169&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751&oid=2&pvsid=2100949773222538&pem=326&tmod=238&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0CjV25SA1p&p=https%3A//ufonts.com&dtd=783

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 11 Jan 2022 15:04:55 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame ACA3 247 B
961 B 65ms
17ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

a1fda2a8d7ca683fece6a4373ca60d090256ae6e730a2d1f5d0530af0b0976b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-F2g933Zaw9G0jBgTFa-iPA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 204
date: Tue, 11 Jan 2022 15:53:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2F32 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc7d7c59e2bd9d341bb3af23407a76d9d4c230822a95537ca86e7ae2262e0619

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5470
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

172ms
172ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 15:53:05 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Jan 2022 15:53:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Jan 2022 15:53:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe.html Show response
p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame ACA3 4 KB
2 KB 34ms
16ms Document
text/html 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

61ccbd7772908f1d9fd7d9ee5c80b7734218c6612a1c0ccdcf2a2219b8511262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-87j-JBRe5YCkj3X1IvCfKw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1863
date: Tue, 11 Jan 2022 15:53:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js Show response
pagead2.googlesyndication.com/bg/ Frame 41C5 35 KB
13 KB 124ms
123ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 602188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13512
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 16:36:37 GMT

GET
H2 200 banner_show.php Show response
uprimp.com/ Frame 8FE9 1 KB
2 KB 87ms
87ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/banner_show.php?section=General&pub=741334&format=728x90&ga=g&slider=780fb67f02562d80e8b84908ad6eeaa8
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: ca943c56259d7aab31826131b12d80c0ea4065f0e9100d3128f8fa9e1094aa86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

server: nginx
date: Tue, 11 Jan 2022 15:53:05 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 11 Jan 2022 15:53:05 GMT
last-modified: Tue, 11 Jan 2022 15:53:05 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 but_close.png
ylx-i.advertica-cdn2.com/ 664 B
922 B 126ms
40ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/but_close.png?1360094895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:05 GMT
content-encoding: gzip
last-modified: Tue, 05 Feb 2013 20:08:15 GMT
server: nginx
etag: W/"511166af-298"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Thu, 10 Feb 2022 15:53:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 491ms
260ms XHR
application/json 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220106&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed9b23a41d581790ee7f9d771ef4ace10989df7ef978b427cd158a8a3c8efde0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 Jan 2022 15:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8646
x-xss-protection: 0

GET
H3 200 5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D76 35 KB
13 KB 123ms
123ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220106/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 602188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13512
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 16:36:37 GMT

GET
H3 200 5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js Show response
pagead2.googlesyndication.com/bg/ Frame 294D 35 KB
13 KB 133ms
133ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js

Requested by

Host: ufonts.com
URL: https://ufonts.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 602188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13512
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 16:36:37 GMT

GET
H2 200 show.php Show response
uprimp.com/ Frame E0AA 2 KB
2 KB 53ms
53ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u67081641916385=true&ad=673873&f=728x90&a=625611&cri=0&s=MjQyYTYzZmM1MzY1YTY3NGIyMTFmYjU2MDU3NWQ5ZjA=&u=741334&si=547875495&di=36230767&ci=16&h=7fa9437480e5ded2b93188cb75978352&cc=DE&slider=780fb67f02562d80e8b84908ad6eeaa8&https=1&useAf=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Requested by: Host: uprimp.com
URL: https://uprimp.com/banner_show.php?section=General&pub=741334&format=728x90&ga=g&slider=780fb67f02562d80e8b84908ad6eeaa8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 38506fc87d7a5b8d177c7ba748cc9a80bfa58d48486f4e16c0d30e39fac70203

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/banner_show.php?section=General&pub=741334&format=728x90&ga=g&slider=780fb67f02562d80e8b84908ad6eeaa8

Response headers

server: nginx
date: Tue, 11 Jan 2022 15:53:05 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 11 Jan 2022 15:53:05 GMT
last-modified: Tue, 11 Jan 2022 15:53:05 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
xe9o.xyz/08c73116f6/82b174e040/ Frame E0AA 1 KB
948 B 153ms
55ms Script
application/javascript 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCApGjGApkACdZAdrrCACZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_49865&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u67081641916385=true&ad=673873&f=728x90&a=625611&cri=0&s=MjQyYTYzZmM1MzY1YTY3NGIyMTFmYjU2MDU3NWQ5ZjA=&u=741334&si=547875495&di=36230767&ci=16&h=7fa9437480e5ded2b93188cb75978352&cc=DE&slider=780fb67f02562d80e8b84908ad6eeaa8&https=1&useAf=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 54c5b0a34dd0b9ea5ef2db5e58daefbb57ead95e611121f41466f99e860866d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:05 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_upk7x1.png
ylx-i.advertica-cdn2.com/aff/ Frame E0AA 22 KB
22 KB 110ms
109ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u67081641916385=true&ad=673873&f=728x90&a=625611&cri=0&s=MjQyYTYzZmM1MzY1YTY3NGIyMTFmYjU2MDU3NWQ5ZjA=&u=741334&si=547875495&di=36230767&ci=16&h=7fa9437480e5ded2b93188cb75978352&cc=DE&slider=780fb67f02562d80e8b84908ad6eeaa8&https=1&useAf=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 224bb06234df291883a230938dccb15657d699a646cc98f26fa13e10f63fc540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:05 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:05 GMT
server: nginx
etag: W/"583d6825-5642"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Thu, 10 Feb 2022 15:53:05 GMT

GET
H2 200 logo_p_small.png
ylx-i.advertica-cdn2.com/ Frame E0AA 2 KB
2 KB 111ms
110ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_p_small.png?1480628811
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u67081641916385=true&ad=673873&f=728x90&a=625611&cri=0&s=MjQyYTYzZmM1MzY1YTY3NGIyMTFmYjU2MDU3NWQ5ZjA=&u=741334&si=547875495&di=36230767&ci=16&h=7fa9437480e5ded2b93188cb75978352&cc=DE&slider=780fb67f02562d80e8b84908ad6eeaa8&https=1&useAf=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 3bf667359356fafe2d656edaced3f3fdbd8279434739be05b192c8630ac73a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:05 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:51 GMT
server: nginx
etag: W/"58409a4b-675"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Thu, 10 Feb 2022 15:53:05 GMT

GET
H2 200 /
uprimp.com/trk/ Frame E0AA 43 B
268 B 50ms
50ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?7fa9437480e5ded2b93188cb75978352
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u67081641916385=true&ad=673873&f=728x90&a=625611&cri=0&s=MjQyYTYzZmM1MzY1YTY3NGIyMTFmYjU2MDU3NWQ5ZjA=&u=741334&si=547875495&di=36230767&ci=16&h=7fa9437480e5ded2b93188cb75978352&cc=DE&slider=780fb67f02562d80e8b84908ad6eeaa8&https=1&useAf=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/show.php?u67081641916385=true&ad=673873&f=728x90&a=625611&cri=0&s=MjQyYTYzZmM1MzY1YTY3NGIyMTFmYjU2MDU3NWQ5ZjA=&u=741334&si=547875495&di=36230767&ci=16&h=7fa9437480e5ded2b93188cb75978352&cc=DE&slider=780fb67f02562d80e8b84908ad6eeaa8&https=1&useAf=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&ar=aHR0cHM6Ly91Zm9udHMuY29tLw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:05 GMT
last-modified: Tue, 11 Jan 2022 15:53:05 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H2 200 / Show response
xe9o.xyz/08c73116f6/82b174e040/ Frame 4CA5 112 KB
72 KB 90ms
90ms Document
text/html 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCApGjGApkACdZAdrrCACZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_49865&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=2127805299369&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCApGjGApkACdZAdrrCACZrGNdpNrArNirCrCZZZCCrixCkGCrCrGCxCrGZjriGkZCCrxi_49865&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&capSettings=dXByaW1wLmNvbXw1MDAwMDB8MjR8NTE4NTY=&adApiR=loaded_string_944847b4e15734dff8082bc0d306241652c3b_2633299_1641916385.2688_82294&refferer=2512142990_aHR0cHM6Ly91Zm9udHMuY29tLw==&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 7ed969f149a23a1b41813a51ec0ffd2904640696f491b80d04027a7db6ba2f89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/

Response headers

server: nginx
date: Tue, 11 Jan 2022 15:53:05 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 487ms
258ms Script
text/javascript 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 15:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Jan 2022 15:53:06 GMT

GET
DATA 200
OK truncated
/ Frame 4CA5 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fafe30aca809c3b69b241a1601a0a6648cf478a09923436d21ee0805bfa0d3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4CA5 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f11bb7d6c88bb87be6ee5cdc0d74d6edca77ea902c2a5c9509e4ebac511d020b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F32 42 B
64 B 248ms
248ms Fetch
image/gif 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKI2hRX82YPsLgUb2FTbBLC60jxQWCgkR_mmHZwfND4XKWW7s7MCsC3sy8PQMe3jT94viHXHDKeAcFF5lkUMHBoBQAP2kpzYQO0F7ngv-rw8rmPdtoEg&sai=AMfl-YR43W9YnyqvTKjj_tsRhmSn_AloZrkqPUQpNg1xKYIMtXdLlGVfJsXSt3lJDWCl-i9HKWjdiHHyiFhz&sig=Cg0ArKJSzAuAVrYwDSXmEAE&id=lidar2&mcvt=1000&p=0,0,216,840&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220110&bin=7&avms=nio&bs=0,0&mc=0.69&if=1&app=0&itpl=4&adk=191396302&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641916383403&rpt=1752&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Jan 2022 15:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AA3 13 KB
5 KB 121ms
121ms Document
text/html 2a00:1450:4019:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:800::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 07 Jan 2022 00:05:34 GMT
expires: Sat, 07 Jan 2023 00:05:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 402452
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F70F 783 B
534 B 35ms
17ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

383572e0356832eca70b484f1de89fd1573709cc531abd998aa9611d4f2d8b6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eLgVbus1Kx2sPpSW3CkhMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ufonts.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 11 Jan 2022 15:53:06 GMT
date: Tue, 11 Jan 2022 15:53:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-eLgVbus1Kx2sPpSW3CkhMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F70F 0
0 274ms
273ms Image
text/html 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220106&jk=2100949773222538&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AA3 35 KB
13 KB 120ms
120ms Script
text/javascript 2a00:1450:4019:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5j4VCALLZSHxCC9Q4npotRbCr-J4MtXOxr4dICczkIM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 602189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13512
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jan 2023 16:36:37 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 6AA3 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?bx8U6g

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220106&jk=2100949773222538&bg=!ExClEFTNAAbDtiZlw7Y7ACkAdvg8WtwY3ylCNePOY5lJEbBRyQD6BEkya2pykmAMyUtUaeJzOvrTJAIAAABRUgAAABBoAQcKABEWrUH-QVNLDPahzywpLPYytJkCdoZvySC3iqXYaFRp2qpZVPTWaCovL_apG7vUUrOc6dDIEAStPvAgf3js6rO7_s8sz9UvnD2H6Qij1GFf0oXV4EFxkGQ4n9jHl97XLxOmvBKo_99AxTBpD2-JIobwYB8t8LVRMSGIHDCiZlb-Z4H2-FIThKm0EP3WJ-bFe-xlM4JzRTF-8Mjk-9lkCwFDB9ZG9kIt6Txop7IqNjVczZPE45w4EcSY8Ul4QNqNEOyOV-tcP5rwhp8Ezlw_s_MWuIJ5LnK2RWYpLKCUv8riLZcsjyeld32eUkTz2yyme3l7_pZbGONsiqb4W5E-wVaGQYcTPU7pfjSQup7H3Ndc5fukIX22CTVq5VSBiaCnIY0NnDn8V7tyd84p_WYtePR3tjUgpA9DsJ5J56mnwV50VyOkL99SY_7lieOH4d9bV2UzzkcAe3fMa0wDH7b3FUMHH-sDkn0rfpEWmPGgjC3JnEE2Yze30OXVJUj7PLisUwwK3pUBSMck8Xu3gnVtqI5BcWIoNseUgaLxi2zzQJiEpoMrvZj_RYXCakIO63z4O3bFWT61bvy76wAHbnna70XP7fywcdCeJcX_RgIoo6CQkeDma6zZE4WenTQLAQRXhg7NqyIBRr0_VFKRHCMZcYxPaF6Sm_QTM_gWDzFvlst832xg3n08v0-lKXo4K-kzAy1P8D0lb4nzkMovXshe0MwKxQaxmKBwKfFQXoSAgeQVbF8_qXNUgmV66S2foptVaIAS8yz-ckkwmjbNdxaQTexr-TxCiIhkgaoGxtljqkNnbZWy1jjgoUl9a0GHnDWDZzuJckyyNDckiUKu6m74qc1I_FxbRwHrxJndqQ

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ufonts.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDACRADSDS Value: DBEACKICHODBEAJKGCGHDOMD
ufonts.com/	1970-01-20 09:35:30	Name: __atuvc Value: 1%7C2
ufonts.com/	1970-01-20 00:05:18	Name: __atuvs Value: 61dda7dd578f5047000
.ufonts.com/	1970-01-20 17:36:28	Name: _ga Value: GA1.2.473284014.1641916382
.ufonts.com/	1970-01-20 00:06:42	Name: _gid Value: GA1.2.1624361322.1641916382
.ufonts.com/	1970-01-20 00:05:16	Name: _gat_gtag_UA_100464772_1 Value: 1
.addthis.com/	1970-01-20 09:35:30	Name: uvc Value: 1%7C2
.ufonts.com/	1970-01-20 00:05:16	Name: _first_pageview Value: 1
.ufonts.com/	1970-01-20 08:50:52	Name: _jsuid Value: 974717578
.addthis.com/	1970-01-20 09:35:30	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
in.getclicky.com/	1970-01-20 08:50:52	Name: cluid Value: 974717578
.ufonts.com/	1970-01-20 09:26:52	Name: __gads Value: ID=988cf45a4276acd6-22e9633ce6ce00a0:T=1641916383:RT=1641916383:S=ALNI_MYW2CPgsSmJbVXBVrHJdXSbsbA28A
.doubleclick.net/	1970-01-20 09:26:52	Name: IDE Value: AHWqTUm-TTbTI14PiaO3l9saLYQudYPACE2Zg_3HENkkZIi7LY64Wbg5RGsF_SFuNWA
.doubleclick.net/	1970-01-20 00:05:19	Name: DSID Value: NO_DATA
.uprimp.com/	1970-01-20 00:06:03	Name: used_ad2633299 Value: 2
.uprimp.com/	1970-01-20 00:06:03	Name: total_impressions Value: 2
.uprimp.com/	1970-01-20 00:48:28	Name: cpa_673873 Value: 728x90_547875495_5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
code.jquery.com
fonts.googleapis.com
googleads.g.doubleclick.net
in.getclicky.com
m.addthis.com
p4-e6paal2nytdii-p4yniahqh6rtfb35-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
s7.addthis.com
static.getclicky.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ufonts.com
uprimp.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xe9o.xyz
ylx-i.advertica-cdn2.com
z.moatads.com
pagead2.googlesyndication.com
s7.addthis.com
tpc.googlesyndication.com
104.75.88.126
142.250.181.98
142.250.186.163
172.67.152.40
185.66.200.127
185.66.200.220
185.66.201.58
198.145.13.12
2.18.235.40
2001:4de0:ac18::1:a:1a
2606:4700:3035::6815:126
2606:4700::6810:dd1d
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c08::9a
2a00:1450:4019:800::2001
2a00:1450:4019:80c::2002
0280cd19481188fbdbe4075109f35e3c21bf5492cffa46a9c51fb27c553da259
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07aac2d92951de4f50bfb02c62483a2d2c69002c60a80988fa83d5686ec7915c
094554e8797342c3e1aede22f4240de03e5e84ff2cfeb883e7e2db1a0eb9782a
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
156428ba6bd41fcd10d25b81801270248d3c87537755925982cc18acedbaa17c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
197f350c3ff332db3d2a25b895a26b8aad8f073212da19d4c8e63eedc8cb9240
1f5b513591babf7aca84392165e2e2cf3591e09c4da3e0742a8d4a245738782c
1fafe30aca809c3b69b241a1601a0a6648cf478a09923436d21ee0805bfa0d3e
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
224bb06234df291883a230938dccb15657d699a646cc98f26fa13e10f63fc540
273db78868eaa12521fd80867ddf82c25d7ee358bca435e21136813f805fdcfd
28c009b3cabe983c3b0c2245d5fd5b722125ffdce39488039ea8d670996a183c
2cc9e663a054e8bd3d7a3fe3b38180aac6d82f8d8058e3959a59f8e0c35388cb
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
32445f1f46f11c640971c30dfe08e42b494a9bc1618480fdd13931cee822f8d5
3359622a102831c9b10e5b02f1c05ae3c2ea6d7b349207ff6d6f51b829d23e43
35da1ece24174156f77141f4e896c7577aa29cac64ff778c4b48580938426180
383572e0356832eca70b484f1de89fd1573709cc531abd998aa9611d4f2d8b6b
38506fc87d7a5b8d177c7ba748cc9a80bfa58d48486f4e16c0d30e39fac70203
38c189becc1f737da8877966a28e9bddba05a1b9d975029c2d595dfbf2f36c88
39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5
3bf667359356fafe2d656edaced3f3fdbd8279434739be05b192c8630ac73a03
3c7ec6a7103b2f29e582c930ea8d97a6c383ea1833194243b89b481a01c4829b
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
54c5b0a34dd0b9ea5ef2db5e58daefbb57ead95e611121f41466f99e860866d4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3
5b16b598f8e894be3ccdeb19c3e311de0b11b630b1ffde7d63801fb1f924f339
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ccbd7772908f1d9fd7d9ee5c80b7734218c6612a1c0ccdcf2a2219b8511262
625684ea8fe83a7c4cf1a4331faea079c62dce467d72bf171cb25e11cb32b7ba
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71a34ea833032da0aa014174811105c44ae02706bb5f0032ded257fde67a17dc
720a13f7841fa7805807379b2782b2e0586dd473d3f705960871b335b6d0aae4
779ad36a6a6e137f3815a65e3baecd305e7019c21ba58fca1e657b9b451e67a2
7a390046d86de6e6ac256bec2b8bd078d54c969c5f4de29b8abad87658b80a93
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
7d47e250c32345ba95132b6bc268455582827e47ce0cd2c4d39ce27d731e6302
7ed969f149a23a1b41813a51ec0ffd2904640696f491b80d04027a7db6ba2f89
7efea8f7e4fd16b84faed219d2e42b5b7a3f2097a9c80deb1fd4f2750353de75
9fff4c21fff42883822ef08814ebecc0e1dfd9108856a16b2dcc16d38e45a70b
a03c3e23a14d39c325cd7434b2b1901f926212fd8b8d85ad2e98e7467bc388d1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fda2a8d7ca683fece6a4373ca60d090256ae6e730a2d1f5d0530af0b0976b2
a28881998a8705ca2040cd7f0e3ec1b995c41660ffe5b9bee1a874ac21973b06
a399774868dfc3f92127f335fa15cbb48aeda022f30229796e6070aee870cb74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8765d5e3aac1d4dd3fcbc8e692518406876f7dc7d867bd07fdff363c74ec1a0
a98d433c1134c8300aed6fa9a4e402c174f72d3c5a9d697186b005f6f137e782
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6a1cedc946476013e7408a6a25c9fbe7bc20ddf6ac437353f26a73823143f4e
b9b19bac6849e742b83af709a6e01f635f9e532bbdc6bc266201fd3bfbf6d949
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
bb390db75f22f09e7fc2f24895418abb70ec68dcd3fab7f88f49113e6122443c
bcd849902f640a1929170da52cf11f931f045f0cdff93af10f798af9698f0049
be2e04cecbcfd781b640159d04691b2add96725759f769d0a253727dd74b3c2d
c3b81ac143fb46a3312a4aaefea5a61ce1906abb07094eb147e790bb893b66b5
c845a67ffe983ed11b04eb333cb311d10639ca9fa85b14cdc66e7b8839a4da32
ca943c56259d7aab31826131b12d80c0ea4065f0e9100d3128f8fa9e1094aa86
cb168dee1eb24ea259f0e913b5a0cdd7c420532918f099d99f6ff24ba645c77c
d2cf3961b5fa6b9fb9da0a47805b1dd1631afda4c8108ffc99a1da0f18816dcb
d7748b87294731fbb66702b0c7122861dbf526924fdd2eb8d99e7ae430668447
d847a2b472bb4f98a901aecde2461eba0d47978d1ee4c0e386e3ee299e8ed96b
db867f5f6da589a0db7cec191c15aee56709a25400a62937d05642809d7e9ce4
dc7d7c59e2bd9d341bb3af23407a76d9d4c230822a95537ca86e7ae2262e0619
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e178c5fd15bda98a0f61e02f9b785df5075eefae1f91fd277ae187c62996a874
e26438578c1cd63768168574b24b13209fd23756b5e7fe5be9047c7710c66172
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63e150802cb6521f1082f50e27a68b516c2afe27832d5cec6be1d2027339083
e76464bb5158c3ad0b7e691337453142fa32db46735845ab3780c7999414a8c3
e8403b806d50b7d3b33c026cdeec7588fb8091c878f1ffab73b17700ff87ba8e
ed9b23a41d581790ee7f9d771ef4ace10989df7ef978b427cd158a8a3c8efde0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11bb7d6c88bb87be6ee5cdc0d74d6edca77ea902c2a5c9509e4ebac511d020b
fafe7818a41c059503c456f7c05b733a3334e9e0ed4241cc9189600b9ae687e9
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

ufonts.com Open in urlscan Pro 2606:4700:3035::6815:126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

97 %HTTPS

64 %IPv6

19 Domains

26 Subdomains

25 IPs

6 Countries

1470 kBTransfer

3722 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ufonts.com Open in urlscan Pro
2606:4700:3035::6815:126 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

97 %
HTTPS

64 %
IPv6

19
Domains

26
Subdomains

25
IPs

6
Countries

1470 kB
Transfer

3722 kB
Size

17
Cookies

112 HTTP transactions
6 data transactions