urlscan.io logo urlscan.io
SecurityTrails logo

www.fontface.me Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.fontstatic.com/
Effective URL: https://www.fontface.me/
Submission Tags: falconsandbox
Submission: On July 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 61 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.fontface.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time www.fontface.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2606:4700:3035::6815:1ccc (United States)

ASN13335 (CLOUDFLARENET, US)
www.fontstatic.com
5    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.fontface.me
12    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
357 KB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
static.doubleclick.net — Cisco Umbrella Rank: 436
652 KB
5 fontface.me
www.fontface.me
57 KB
5 fontstatic.com
www.fontstatic.com — Cisco Umbrella Rank: 265017
127 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
54 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
85 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1936
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
645 B
61 12
Domain Requested by
14 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
12 pagead2.googlesyndication.com www.fontface.me
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 static.doubleclick.net googleads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.fontface.me
5 www.fontface.me www.fontface.me
5 www.fontstatic.com 2 redirects www.fontface.me
www.fontstatic.com
2 www.gstatic.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.fontface.me
www.google-analytics.com
2 www.paypalobjects.com www.fontface.me
1 www.google.com tpc.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
61 16

This site contains links to these domains. Also see Links.

Domain
www.alaabadran.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.fontface.me/
Frame ID: CC535AB1F92FA10CDC28CC5487EAC9D2
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: 5A24EEFEF603F72E0A5EA02115065BBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Frame ID: 555EAECBE14A4DCB5AF08BA89CD6EEDE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&adk=1812271804&adf=3025194257&lmt=1657007464&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fontface.me%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007464009&bpp=1&bdt=164&idt=107&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1142x280&nras=1&correlator=1590345091238&frm=20&pv=1&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=112
Frame ID: 4310966FF35A84996EF06B26F98ADB48
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: F1CBB6AB3744C5326F7BAA489F1E290F
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
Frame ID: 240A1ED40D5258A1908CC0542725ED05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
Frame ID: CD40BEBADFA7489C307BEEDC571347AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7DB12B577542C5C48165AC37F793A5E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C6C901CE152EEA4D77DD52F94982AEA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

خطوط عربية مجانية ومرخصة للويب - فونت فيس

Page URL History Show full URLs

  1. http://www.fontstatic.com/ HTTP 301
    https://www.fontstatic.com/ HTTP 302
    https://www.fontface.me/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

61
Requests

98 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

17
IPs

2
Countries

1360 kB
Transfer

2488 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.fontstatic.com/ HTTP 301
    https://www.fontstatic.com/ HTTP 302
    https://www.fontface.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_po2QyQEQgwQYgQEyCA0gY_xqzS1r HTTP 301
  • https://tpc.googlesyndication.com/simgad/17358737545053659026

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fontface.me/
Redirect Chain
  • http://www.fontstatic.com/
  • https://www.fontstatic.com/
  • https://www.fontface.me/
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fontface.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.14
Resource Hash
a9a92b177abcda819d7b8038a040df3386b7542f9a3c872eb254a247942d1e9c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=172800 public, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
725e83687c06bbd7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 07:51:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 07 Jul 2022 07:41:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FVyFkufiBamw4Y1aBF6ARfnv2yZSsN8g0P4sb4Pe2ScHUCPI3BL%2F%2BWR%2FXzR6J5nf%2FYjVdjpGozbJhY%2FRjYlrySORzG9D%2BmevP87unhTsIcqYK0om7q5YsaNQRZ0M0u2kn%2Fz3JB03ieZWn7iarA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.14

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
725e8367cd1d9152-FRA
content-type
text/html; charset=UTF-8
date
Tue, 05 Jul 2022 07:51:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.fontface.me/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPhRe3T8guqDYsNlMyPFinn9nyOpwPxNdB7OFlZoPDM0Y%2B3bobFbepry7MNtB%2B%2Fs5DdWRkECvk6LCiG4Iv0nrair7wBgW305eoXH1qCxJhXHtDM%2FgqF1%2BkNVxgbuV3uMUZicVDOkurGKOcLafcodm7E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-cache
MISS
x-proxy-cache
MISS
f=DroidKufi-Regular
www.fontstatic.com/ 		294 B
471 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fontstatic.com/f=DroidKufi-Regular
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b92578b453a34919561fb3b32099f75e0e52ee315086ae0450eb3f7b00b29310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 07:51:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czU6Nt6ZsnN0Wqulup2jrel7xvwm8Ul9xkhX3KIherVcE%2FV2BbFwXckizIEk0yUqhzdQhHsmFpMCLiX27e3wyrigEcKAvziaXxBtUHzd2wWZHN2gLnvbsqnf4ds3Vc1K0ILBHf5OBWEzawSwM2MIqQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-cache
MISS
cf-ray
725e83690f209152-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache
MISS
5c6bb9f6.main.css
www.fontface.me/styles/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fontface.me/styles/5c6bb9f6.main.css
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac20db5efe11bb97510883db9e245cae5c185f4354ddade1d18036c570925c7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137665
cf-polished
origSize=90205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Sat, 29 Aug 2015 17:07:43 GMT
server
cloudflare
etag
W/"55e1e6df-1605d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmaqvE1NZtVLtLHG4hg6Mq9MWotFDHkj6UOC1KaJdea%2FXFYUxLT9Y88a4eyEpl%2B74d9fBs%2Ba5RNU0Ey2WXhpJHI8IaggS51KlqcxOj6FQrmc6qYRyt%2FTq3cNfEJxP%2BblQniFaC0IEtmx0s65VOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Sun, 03 Jul 2022 18:35:58 GMT
cache-control
public, max-age=432000, must-revalidate, proxy-revalidate
cf-ray
725e83690d06bbd7-FRA
cf-bgj
minify
font-face-logo.svg
www.fontface.me/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fontface.me/images/font-face-logo.svg
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7557d513ee7e0acb131de2a6365a754a8f0c1d9b5417527982c77709b1cdf204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
160049
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Wed, 14 Sep 2016 22:15:35 GMT
server
cloudflare
etag
W/"57d9cc07-ea9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZglOh8luC0MwT6elkRRGBatg3r4G7yD0a32OFixW%2BuD8JAHACj3UMlrTOVQRkgezIrbSt8%2BMeqXmkwDjjMBCBTLI3irBWmNDVEI8Pvqn8TOcxZlJQzprj7ZujmZqO3AjSnccSkNQ0xSFAkR%2F6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=432000, must-revalidate, proxy-revalidate
cf-ray
725e83693c039b83-FRA
expires
Sun, 03 Jul 2022 19:40:24 GMT
fontface-home.png
www.fontface.me/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fontface.me/images/fontface-home.png
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6070b65fe1885e027d5335ef8ff4a3b626808fff42c58284b4a42a7b8bd8a857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121103
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11182
pragma
public
last-modified
Fri, 28 Aug 2015 17:32:22 GMT
server
cloudflare
etag
"55e09b26-2bae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chUY602l%2Bebvm4A3FLFdxikRrBNQch04ZKVPZWcWv54RjkgEzp%2BSzZq7i42yBAXw7hwC4%2BMHBKXjcN%2FOH62e5DlCLTJq%2Bd%2F05XhjApagP6BMsaf8Vn9z4tgErRHFpwdSs0PlUaPtmGPSTsoKki0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=432000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
725e83693c049b83-FRA
expires
Tue, 05 Jul 2022 20:49:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ffb7a37344350f53599091d1e666db0934e60c94121ebf41a4f3df2dbfc040d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56377
x-xss-protection
0
server
cafe
etag
2699991199354395551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Jul 2022 07:51:03 GMT
btn_buynowCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58e0d82e00a38d6b340424fecd1b86f33cdb69a642df4594c8d73ffcdb6d2e21
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=3349 idim=171x47 ifmt=gif ofsz=3348 odim=171x47 ofmt=gif
paypal-debug-id
7405cdb0d7d8c
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
3348
x-served-by
cache-sjc10039-SJC, cache-hhn4036-HHN
x-timer
S1657007464.932791,VS0,VE0
etag
"SNSV46nYqESq7/5PFFa7zDR7xjEWReBZKwPPBRPDtuc"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
9, 80
pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		42 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
3b332fe3ea371
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
42
x-served-by
cache-sjc10034-SJC, cache-hhn4036-HHN
x-timer
S1657007464.933084,VS0,VE0
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
34, 10290
3ee9c4441.fontface.js
www.fontstatic.com/scripts/ 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fontstatic.com/scripts/3ee9c4441.fontface.js
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7ae911509a3130a049e1e830067c2d6376fc3f1d6a00cee74a738c5319327cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=121966
last-modified
Thu, 03 Oct 2019 11:26:15 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"5d95dad7-1dc6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4CoSs3%2Bi%2BXDKg3cB6vXAfqhp88Si0gZhYwmkAw8jZdekQ%2FnhkZQvl5gt8dCOKbY%2BEH%2BfqpIOFBZVwOc8uh%2BL%2BVBqeeuLGWxJdE7fb%2FgB9Hdy9dWjCcaKXbKbWMrwJ9aQEm57ptrT4X6ucwdRzUUzYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=432000
cf-ray
725e836928c992c9-FRA
x-proxy-cache
MISS
DroidKufi-Regular.woff
www.fontstatic.com/fonts/DroidKufi-Regular/ 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fontstatic.com/fonts/DroidKufi-Regular/DroidKufi-Regular.woff
Requested by
Host: www.fontstatic.com
URL: https://www.fontstatic.com/f=DroidKufi-Regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bc753c7a33c6f11d4a5ec9c1e5fae6fe9de685b486762b30ab093fea57f97e

Request headers

Referer
https://www.fontstatic.com/f=DroidKufi-Regular
Origin
https://www.fontface.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Jul 2019 17:49:59 GMT
server
cloudflare
etag
W/"5d30b147-14cc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKiruUOQFWXgdBQXct27wx3H8Wbe86xql%2F84pRXpsPVT9kLLzOcjIFYSqYSR3vAEnairsBcrg%2BMJLqXRo4rjUq9sY6cq%2BUF%2BtYigcC214iBZYqs24QnXBMoCcgql8IimVtJ3Co02dPFQ9YaCt4RFSlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=432000
cf-ray
725e8369789959d7-MXP
x-proxy-cache
MISS
glyphicons-halflings-regular.woff
www.fontface.me/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.fontface.me/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/styles/5c6bb9f6.main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067

Request headers

Referer
https://www.fontface.me/styles/5c6bb9f6.main.css
Origin
https://www.fontface.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48454
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
last-modified
Mon, 10 Nov 2014 20:32:59 GMT
server
cloudflare
etag
W/"546120fb-5afc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnPsa0VcvMgJ9LtEzi%2FsuSlwQaR0HkQDTRIlyNgSuLmalSmOU7%2Bon2negFJVb6roA1q0RC8bueHgpyHkyiGgGm1qyuVUgr%2Fc%2FXpua1W2Ba4nD%2FgbvKK1CBK%2Fk5d%2BF6CDTwZ07SJBR5sh3Mqt8Oo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=432000, must-revalidate, proxy-revalidate
cf-ray
725e83695c469b83-FRA
expires
Tue, 05 Jul 2022 11:16:09 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2775
date
Tue, 05 Jul 2022 07:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Jul 2022 09:04:49 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 		339 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ccc34c56ddde9859e5fabe9fe08fc891b8045aa804d5909a57dbc5dadc6f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122217
x-xss-protection
0
server
cafe
etag
3758514223028115795
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Jul 2022 07:51:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame 5A24 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fontface.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56914
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 16:02:30 GMT
etag
10429905676100781186
expires
Mon, 18 Jul 2022 16:02:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1780169647&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fontface.me%2F&ul=en-us&de=UTF-8&dt=%D8%AE%D8%B7%D9%88%D8%B7%20%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9%20%D9%88%D9%85%D8%B1%D8%AE%D8%B5%D8%A9%20%D9%84%D9%84%D9%88%D9%8A%D8%A8%20-%20%D9%81%D9%88%D9%86%D8%AA%20%D9%81%D9%8A%D8%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1537439630&gjid=794336317&cid=1341007337.1657007464&tid=UA-56663523-2&_gid=1915929388.1657007464&_r=1&_slc=1&z=1616077116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fontface.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 07:51:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.fontface.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		215 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.fontface.me&callback=_gfp_s_&client=ca-pub-5456278175763652
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
cebf7ecd2653be4e667e76040ecdb2e94563d92a83c3395a7a9ffe91a37ce79a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fontface.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fontface.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 555E 		88 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bea794c193e7e295a93d9ca4f10e5bce241f59ea6f8e88c1f16abdd172f50c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fontface.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
31503
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 07:51:04 GMT
expires
Tue, 05 Jul 2022 07:51:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4310 		123 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&adk=1812271804&adf=3025194257&lmt=1657007464&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fontface.me%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007464009&bpp=1&bdt=164&idt=107&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1142x280&nras=1&correlator=1590345091238&frm=20&pv=1&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b19ebba2472c15b94e503aa845b6d8c2309f2323a8609c4d5fe6283c66b92689
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fontface.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34678
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 07:51:04 GMT
expires
Tue, 05 Jul 2022 07:51:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4310 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20220629&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&adk=1812271804&adf=3025194257&lmt=1657007464&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fontface.me%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007464009&bpp=1&bdt=164&idt=107&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1142x280&nras=1&correlator=1590345091238&frm=20&pv=1&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=112
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 07:51:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 555E 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 05:52:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 05 Jul 2022 07:51:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Jul 2022 07:51:04 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 555E 		2 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:49:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:49:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 555E 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:31:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 555E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:10:18 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 555E 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 07:51:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 555E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:47:14 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 555E 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 03 Oct 2022 07:22:26 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57db07c04e86feddc99e94313f0738af62045563affc7ea6f094568fa86ffd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54415
x-xss-protection
0
server
cafe
etag
9372049946932579108
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Jul 2022 07:51:04 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 555E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CGqt6aO3DYvv2COmBjuwP3cyqSM7c8ORqtde7mJcQv_-549cCEAEg38OEGmCV4pCCoAegAe-GpOQByAEJqAMByAPLBKoEywFP0JepPZpFBmnuq8I3PwEEx9oGBYmEHiGcwXWYJvZXfOqSV_hbJhv27CHw3pBPgNzwI9ZTh780n0E9wufr-W37l47dl9cF4230dkF2budbZTjGxaEE2baM4spPthDD1olfWUgYmCapZQWVIM7Fl5jveUKrOLyhXXvzn8gwSUKRxdbNeszZpG7xQ5ut7P7DnNX10gfF788I4G2y5nKmn6jJhYD6QRgburQPuukx8e1LGDDiUijeGZN2H7lHSclEbyoooNjBYp8sisZqscAE4uiLo_ADkgUECAQYAZIFBAgFGASgBi6AB_n425sCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ45AZ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTU0NTYyNzgxNzU3NjM2NTIYAA&sigh=YF-EkS9TtF8&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Jul 2022 07:51:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Jul 2022 07:51:04 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14894595347343908206/ Frame 555E 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14894595347343908206/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3c5e848f27a56be30ff92874cd8249824b4e51025fee1bcf7a43aca65baf97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 08:55:24 GMT
x-content-type-options
nosniff
age
428140
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25345
x-xss-protection
0
last-modified
Wed, 22 Jun 2022 19:10:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Jun 2023 08:55:24 GMT
truncated
/ Frame 555E 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 555E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fontface.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fontface.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame F1CB 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fontface.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 17:15:02 GMT
etag
10429905676100781186
expires
Mon, 18 Jul 2022 17:15:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F1CB 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:43:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:43:02 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F1CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CL7JlaO3DYviDCdaPjuwPnuIttavU-mrl07qklg79geS26wIQASDfw4QaYJXikIKgB6AB7byjzwHIAQmpAk1uNoeggbE-qAMByAPLBKoEvgFP0JlLUQg5ghIsk6StZsVTJFJPAliLgF8CE4wsEOnHdssAxPU3g4NESu5q8EymmoFl9JtWxAGlJHXWcAfSNfetyYS4HA5B1CAQY1pxKY5QIeRwc0crRBl-yXR3kw_3C84KEP6WHCo0sk332WOknuG29Fdkkl0WMNnKP69fRHUoBm2OAVw108UoNkyv7XrK5SCFZ1f-jQ-JU4c5lYjJRE1PI7ic6c3swACQz1GnNuEKAJlTVRSFfMtIiiRrD5j2wASTrpv86AOSBQQIBBgBkgUECAUYBKAGLoAH-8LcsAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ678G0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTQ1NjI3ODE3NTc2MzY1MhgA&sigh=9qQH1Lz10dY&uach_m=[UACH]&template_id=494
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Jul 2022 07:51:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame F1CB 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:31:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F1CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:48:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F1CB 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 07:51:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F1CB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Jul 2022 07:47:14 GMT
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame F1CB 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 03 Oct 2022 07:22:26 GMT
3402864653013247709_17655856817315917845.jpeg
static.doubleclick.net/dynamic/5/385409398/ Frame F1CB 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/385409398/3402864653013247709_17655856817315917845.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c62b53c850ed7a4b49afd96c9a30288917d295c8a64ab6beea8da69291b8cd49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:02:17 GMT
x-content-type-options
nosniff
age
380927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63224
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:55:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 22:02:17 GMT
13209641090238998253_9007905274707716527.jpeg
static.doubleclick.net/dynamic/5/385409398/ Frame F1CB 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/385409398/13209641090238998253_9007905274707716527.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c6f92a2d16c53ef8f46bec124b278ed63970c7fbd6efab222a49e047049c0ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:02:15 GMT
x-content-type-options
nosniff
age
380929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103726
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:55:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 22:02:15 GMT
4184027627759578730_18426257080260035202.jpeg
static.doubleclick.net/dynamic/5/385409398/ Frame F1CB 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/385409398/4184027627759578730_18426257080260035202.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d703ea15dc07631500d2fcef10cd4ab5e8ec47a3279b61fa0ebc772e5a144c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:02:22 GMT
x-content-type-options
nosniff
age
380922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76142
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:55:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 22:02:22 GMT
53866686122765674_4461133478804707519.jpeg
static.doubleclick.net/dynamic/5/385409398/ Frame F1CB 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/385409398/53866686122765674_4461133478804707519.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03018d6aafde4a1cdb89a25a3d71ad1e29b81f7b71ce0f0959fd11b891d3c7b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:05:04 GMT
x-content-type-options
nosniff
age
380760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141116
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:55:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 22:05:04 GMT
8217459608019500999_17305188678482298485.jpeg
static.doubleclick.net/dynamic/5/385409398/ Frame F1CB 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/385409398/8217459608019500999_17305188678482298485.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c886d48c1c178f3437f9159a617e35368e50f9be0c0d0bbf24bd4c6285113b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:06:50 GMT
x-content-type-options
nosniff
age
380654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140371
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:55:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 22:06:50 GMT
16325990501737142539_195602139743165210.jpeg
static.doubleclick.net/dynamic/5/385409398/ Frame F1CB 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/385409398/16325990501737142539_195602139743165210.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
245c9659175f4a55c5424791f7c8442ef6004dac391148c833e00b5cd0797471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:02:15 GMT
x-content-type-options
nosniff
age
380929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66282
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:55:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 22:02:15 GMT
17358737545053659026
tpc.googlesyndication.com/simgad/ Frame F1CB
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_po2QyQEQgwQYgQEyCA0gY_xqzS1r
  • https://tpc.googlesyndication.com/simgad/17358737545053659026
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17358737545053659026
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
464db0771f1ab3055cab31a882499224a1aff66a2e59a89ab4fdda18f5f5ab71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 23:10:05 GMT
x-content-type-options
nosniff
age
31259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4257
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 09:11:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 04 Jul 2023 23:10:05 GMT

Redirect headers

date
Mon, 04 Jul 2022 19:46:17 GMT
x-content-type-options
nosniff
server
cafe
age
43487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/17358737545053659026
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 03 Aug 2022 19:46:17 GMT
truncated
/ Frame 555E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aec9de072c4379e50008aaa4b552090ec355432045fa5534129af31a0c76418f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 555E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 08:44:44 GMT
x-content-type-options
nosniff
age
515180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 08:44:44 GMT
yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
pagead2.googlesyndication.com/bg/ Frame 240A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5456278175763652&output=html&h=280&slotname=6198725782&adk=2267148154&adf=2289084161&pi=t.ma~as.6198725782&w=1142&fwrn=4&fwrnh=100&lmt=1657007464&rafmt=1&psa=0&format=1142x280&url=https%3A%2F%2Fwww.fontface.me%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657007463991&bpp=3&bdt=147&idt=97&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&correlator=1590345091238&frm=20&pv=2&ga_vid=1341007337.1657007464&ga_sid=1657007464&ga_hid=1780169647&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=229&ady=407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C42531605&oid=2&pvsid=1624082133130915&tmod=748848771&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UZE8SZW9tv&p=https%3A//www.fontface.me&dtd=118
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13895
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 07:22:25 GMT
truncated
/ Frame F1CB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d29192683461ac6fbeef35946a1d09ecd78fa2d4d1975e4565e28642653c6e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b51ce2a605487145c5a193b8f88912f6a1afeca8a63ac844c155720c0f1f3709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jul 2022 07:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10659
x-xss-protection
0
yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
pagead2.googlesyndication.com/bg/ Frame CD40 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
Requested by
Host: www.fontface.me
URL: https://www.fontface.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13895
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 07:22:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5456278175763652&plah=www.fontface.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Jul 2022 07:51:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7DB1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fontface.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 07:22:26 GMT
expires
Wed, 05 Jul 2023 07:22:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4C6C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc07cd76f9150877f3d98b6a50f54abd0c8133836566500cb6dc8eab5a80b785
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FDpfH6xPsudjUurOrTSqMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.fontface.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-FDpfH6xPsudjUurOrTSqMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Jul 2022 07:51:05 GMT
expires
Tue, 05 Jul 2022 07:51:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
pagead2.googlesyndication.com/bg/ Frame 7DB1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:22:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
1720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13895
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Jul 2023 07:22:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C6C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=1624082133130915&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7DB1 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9RDgjA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 07:51:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=1624082133130915&bg=!yMuly4_NAAaLlKKnq5Q7ACkAdvg8WjOoxDJGwxnO_Dg1lqQc1xXrBWhsu8amc65Yhuk9-yiwHTzzHAIAAACCUgAAAAJoAQcKAJ3eKSIQmxLB4JoBKBeEwayM3f7cMXKlHqHO_qsTMkuRErLIY_ZeoEJamQzUUSRtM-9tFTGNaLghVYXXV0E4fYkRLpxieZNOniFISpJr80oZ-Wa8DpWiXGSgLuCBtt2tyG2GgPG3LM051pPwtJXzilAhXCX4rnZo686ToK0IcJcp8m9zdd-p6752-aMC7EV4EI5tNzdoU43OaXcwWdZnmQKSFnBpH__GKLavquhwXoc66aPU9BvyLxyB5Rg_yimXTKy1LnvGc3RsCVQLIKTzna6GV0__1f5o7zgQQFZI9nA8tTxskOEpL5B8AWI8CjaZ07Z_TNUGBFjMts7pMLNMJwpnKpLzDMrABpwAk0fbK1HP5FioC6LqGUdVn0k-F7d_7Zwr_D33w9SNzmS8gzk5KD0FKofkboVH3XbD9ykufYPmZU9InJisCwemUwEjEx_CJdVrHXj43OAnN3PIzXqI-Wcrbc64G5YuiSPGMTUbmyaFi9u_S8XMvi-F0SJ-KOw0_ska1XkiBilQDGD6pXadbRpb3i3Pv6HMcs-xTh1oZxTtiUrArodQeYP9MhAlQbtEIuQB68D26_Al4HCTwHUtiQz7Ao7XyB_H4znHo6bv26FW-k25DwYQaoYSbgC9CNewY-Zna7CXoHQQzq7jGnCq73yc6oqUNlFDdAcP87Uqvev5dpVylTMngXgZso_13uV1yC_AOXJl33Q54J7N3KxlH122CpmYEsFAYGQZdYpsCC2DRpOLKA3t2HuuwlMluZYWiawqolKPzq0lRZnR9Zkr_rKFYEClH0RrUgG-_mYm8RL3n0Yz6Trcl6pA-diob7dg6qJdPs5Hy18836spOHTjQYoxu9UjxxF8yRfsnkl8eu41ETdnKGN5tsTQVrsE3LTpdRtpMXB2EYJirNVM9Vb74A7bADLfvZaUvlTEud6As7LgyAit8CDuyzce97R5Cwq9BE8YK6mYMayiSzPDCH7_8bCCMIyoTTM-jEx9f6PCnyJAxhTHh28qKcxOcGj_baFTPMOWi2jAPw2AdBybr5UbNO0M4kur3tk5r-6smrIWJoXT9xo9JzxMxXZJotk4UkjpW4ALwQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.fontface.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 555E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6sQDXFyKFiBILCutEr0KWoTei-SLAjY-eygK4q05LG5sxnN8rTb7yM8jT3e32a3o-1umcqvkEePXMsOZLZyFq8qWnNhFkUottr2qkUXz9Ziq0iNjuCKj4uYx493JGtTu-WyKs7g&sai=AMfl-YRJTlaC_XgQ50SsN5ZCupNzLSROxN8x0lJgL3N6QZllRlEn9fIXaOHcVZf1hV_eUnfsdjRu_M-xuP8J&sig=Cg0ArKJSzLKA1hso64s5EAE&id=lidar2&mcvt=1000&p=0,0,280,1142&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2267148154&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657007464111&rpt=699&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 07:51:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F1CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4Dfuof-RYrbkusE_7WaduwkPyCt_esKKDNCDxzL3oizSVyLajhi8RkrcBE1HpW3hfx9y77SNfehFRrmyoRpsGJIrZ0AfV9YSC-_X8DRyqcly8pXrRtfhjQxxYsljyHl6LUKlaRg&sai=AMfl-YRLdwxAck11EWuMRZ7yk88YBXsdQUbTk9swIYZVGWo-JEh8phca_beNHzXBgp0N_CXkb1WuzlfaOGPc&sig=Cg0ArKJSzM6pxFxwKq5GEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=108,791,1000,1112,1200&tos=108,683,209,112,88&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657007464734&rpt=198&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jul 2022 07:51:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adsbygoogle string| baseUrl function| processFonts function| htmlEncode function| updateFontList function| updateUserFonts object| userFonts boolean| showCode string| fonts object| fontIDs number| $page object| $fonts string| temp boolean| userUse boolean| typeAll function| $ function| jQuery object| jQuery19106023450421371404 object| $form string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
www.fontface.me/ Name: XSRF-TOKEN
Value: eyJpdiI6Ink5M1dcL2g3ZW5BSVpRVGo1MnBjYmt3PT0iLCJ2YWx1ZSI6ImNEMGhqZHdTUGdKU21tSXdOSXlUZjYxZEpBZjBzb3hWQWRLcllDYytcL2x2NmtzYjNNOFlZWEc1bThkS0l4RHBqaTE2akhEcG1qWVZUWXZHd1ZUV3RDdz09IiwibWFjIjoiMTQ4YjgyOTdhNzgwMGE5ODZjOGM2YmM4Y2U1NzM4ZWYxMTBjN2ZmZWY2MzM2ZWNiN2NmZDAyZDhmMjA1MmQ1OSJ9
www.fontface.me/ Name: laravel_session
Value: eyJpdiI6IlJGVzM1aVdRV3hyYnBPbGtxNzIzY1E9PSIsInZhbHVlIjoiR3ZWNlZOdG5iYlRPcHFMcXpuSVF3VEI5QUw5TmRURlZkUENlbkhTMHNLNlBVV0VIZ0Z3TUVMc1Zwdk96OEI2bGtBWWZ4aW5zXC9JWTlEeGR5bzY5YjVRPT0iLCJtYWMiOiJiMjMzYTFmNWUyNmY0MWVhNTcyZGE1YWQ5ZjBhYTRmZTlmYTRmZDIzYWE2ZDhlMzE2ODJhNGQ1YjVkYjY1ZmM0In0%3D
.fontface.me/ Name: _ga
Value: GA1.2.1341007337.1657007464
.fontface.me/ Name: _gid
Value: GA1.2.1915929388.1657007464
.fontface.me/ Name: _gat
Value: 1
.fontface.me/ Name: __gads
Value: ID=9b4398ca883d15fb-22d2b9ccc4cd0014:T=1657007464:RT=1657007464:S=ALNI_MYDRTRaiatBXj35FgPQaxqe2TLKtA
.doubleclick.net/ Name: IDE
Value: AHWqTUn-LxBwziywDGvAaaHm5kJyKOLNXtgUJFe-tmB8zPRs45C7YDh8VlT_vBhqzKs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.doubleclick.net
tpc.googlesyndication.com
www.fontface.me
www.fontstatic.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
142.250.185.226
151.101.66.133
2606:4700:3035::6815:1ccc
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2006
2a06:98c1:3120::3
03018d6aafde4a1cdb89a25a3d71ad1e29b81f7b71ce0f0959fd11b891d3c7b7
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
1ffb7a37344350f53599091d1e666db0934e60c94121ebf41a4f3df2dbfc040d
245c9659175f4a55c5424791f7c8442ef6004dac391148c833e00b5cd0797471
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
464db0771f1ab3055cab31a882499224a1aff66a2e59a89ab4fdda18f5f5ab71
48c886d48c1c178f3437f9159a617e35368e50f9be0c0d0bbf24bd4c6285113b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57db07c04e86feddc99e94313f0738af62045563affc7ea6f094568fa86ffd92
58e0d82e00a38d6b340424fecd1b86f33cdb69a642df4594c8d73ffcdb6d2e21
5c6f92a2d16c53ef8f46bec124b278ed63970c7fbd6efab222a49e047049c0ed
6070b65fe1885e027d5335ef8ff4a3b626808fff42c58284b4a42a7b8bd8a857
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ccc34c56ddde9859e5fabe9fe08fc891b8045aa804d5909a57dbc5dadc6f10
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067
7557d513ee7e0acb131de2a6365a754a8f0c1d9b5417527982c77709b1cdf204
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
89bc753c7a33c6f11d4a5ec9c1e5fae6fe9de685b486762b30ab093fea57f97e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9a92b177abcda819d7b8038a040df3386b7542f9a3c872eb254a247942d1e9c
ac20db5efe11bb97510883db9e245cae5c185f4354ddade1d18036c570925c7f
aec9de072c4379e50008aaa4b552090ec355432045fa5534129af31a0c76418f
b19ebba2472c15b94e503aa845b6d8c2309f2323a8609c4d5fe6283c66b92689
b51ce2a605487145c5a193b8f88912f6a1afeca8a63ac844c155720c0f1f3709
b7ae911509a3130a049e1e830067c2d6376fc3f1d6a00cee74a738c5319327cd
b92578b453a34919561fb3b32099f75e0e52ee315086ae0450eb3f7b00b29310
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
bea794c193e7e295a93d9ca4f10e5bce241f59ea6f8e88c1f16abdd172f50c45
c62b53c850ed7a4b49afd96c9a30288917d295c8a64ab6beea8da69291b8cd49
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
cc07cd76f9150877f3d98b6a50f54abd0c8133836566500cb6dc8eab5a80b785
cebf7ecd2653be4e667e76040ecdb2e94563d92a83c3395a7a9ffe91a37ce79a
d29192683461ac6fbeef35946a1d09ecd78fa2d4d1975e4565e28642653c6e5d
d703ea15dc07631500d2fcef10cd4ab5e8ec47a3279b61fa0ebc772e5a144c1a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5e848f27a56be30ff92874cd8249824b4e51025fee1bcf7a43aca65baf97e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629