eng.m.fontke.com Open in urlscan Pro
47.241.58.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://eng.m.fontke.com/font/110098506/
Submission: On June 24 via manual (June 24th 2023, 2:34:38 pm UTC) from KR — Scanned from DE

Summary HTTP 140 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 29 IPs in 11 countries across 25 domains to perform 140 HTTP transactions. The main IP is 47.241.58.156, located in Singapore and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is eng.m.fontke.com. The Cisco Umbrella rank of the primary domain is 927067.
TLS certificate: Issued by R3 on June 16th 2023. Valid for: 3 months.

This is the only time eng.m.fontke.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	47.241.58.156 47.241.58.156	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
19	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	58.254.150.48 58.254.150.48	136958 (UNICOM-GU...) (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network)
1	2600:9000:20e... 2600:9000:20e1:9400:12:30a1:de00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a01:53c0:ff1... 2a01:53c0:ff11::4	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
17	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	103.235.46.40 103.235.46.40	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	163.181.92.232 163.181.92.232	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	2800:3f0:4005... 2800:3f0:4005:406::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.166.156 64.233.166.156	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 11	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.73.11.83 3.73.11.83	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401e:28::6	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:7a17:40a9:5794:5e61	16509 (AMAZON-02) (AMAZON-02)
140	29

15 47.241.58.156 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

eng.m.fontke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
statics.fontke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.fontke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.254.150.48 (China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)

zz.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e1:9400:12:30a1:de00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ssl.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:53c0:ff11::4 (United States)

ASN54994 (QUANTILNETWORKS, CA)

lf1-cdn-tos.bytegoofy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.46.40 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.232 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

zhanzhang.toutiao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2800:3f0:4005:406::2003 (Argentina)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.11.83 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-11-83.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.243 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401e:28::6 (Ireland)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:7a17:40a9:5794:5e61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	480 KB
29	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 bid.g.doubleclick.net — Cisco Umbrella Rank: 807 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	206 KB
18	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	171 KB
15	fontke.com eng.m.fontke.com — Cisco Umbrella Rank: 927067 statics.fontke.com analytics.fontke.com	304 KB
9	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 imasdk.googleapis.com — Cisco Umbrella Rank: 495	137 KB
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 635	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	224 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1161 r1---sn-4g5ednsr.c.2mdn.net — Cisco Umbrella Rank: 429845	953 B
3	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7889 sp0.baidu.com — Cisco Umbrella Rank: 18687	12 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1039 r.turn.com — Cisco Umbrella Rank: 3929	869 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	497 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 976	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	1 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1675	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1233	213 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	104 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 601	363 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 566	788 B
1	toutiao.com zhanzhang.toutiao.com — Cisco Umbrella Rank: 50605	589 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	600 B
1	bytegoofy.com lf1-cdn-tos.bytegoofy.com — Cisco Umbrella Rank: 38257	1 KB
1	qhres2.com s.ssl.qhres2.com — Cisco Umbrella Rank: 84784	932 B
1	bdstatic.com zz.bdstatic.com — Cisco Umbrella Rank: 28000	563 B
140	25

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	eng.m.fontke.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net eng.m.fontke.com
10	www.gstatic.com	googleads.g.doubleclick.net
9	statics.fontke.com	eng.m.fontke.com statics.fontke.com
6	c1.adform.net	6 redirects
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	fonts.googleapis.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	eng.m.fontke.com	eng.m.fontke.com statics.fontke.com
3	adservice.google.com	pagead2.googlesyndication.com
2	r1---sn-4g5ednsr.c.2mdn.net	eng.m.fontke.com
2	sync.teads.tv	1 redirects eng.m.fontke.com
2	x.bidswitch.net	2 redirects
2	um.simpli.fi	2 redirects
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	analytics.fontke.com	eng.m.fontke.com analytics.fontke.com
2	hm.baidu.com	eng.m.fontke.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com	eng.m.fontke.com
1	ad.turn.com	1 redirects
1	gcdn.2mdn.net	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	eng.m.fontke.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	zhanzhang.toutiao.com	eng.m.fontke.com
1	sp0.baidu.com	eng.m.fontke.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	lf1-cdn-tos.bytegoofy.com	eng.m.fontke.com
1	s.ssl.qhres2.com	eng.m.fontke.com
1	zz.bdstatic.com	eng.m.fontke.com
140	38

This site contains links to these domains. Also see Links.

Domain
m.fontke.com
en.m.likefont.com
en.m.fontke.com
en.fontke.com

Subject Issuer	Validity	Valid
fontke.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.ssl.qhres2.com WoTrus DV Server CA [Run by the Issuer]	`2023-02-28` - `2024-02-28`	a year	crt.sh
*.bytegoofy.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-29` - `2023-07-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.toutiao.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-18` - `2023-07-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-06-13` - `2023-08-22`	2 months	crt.sh

This page contains 21 frames:

Primary Page: https://eng.m.fontke.com/font/110098506/
Frame ID: 0E8198B3FBDCE26A3F154E279E6820B4
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: 189B5F7F8FE5D932763689EDD18AD476
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&adk=1812271804&adf=3025194257&lmt=1687617272&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617271972&bpp=7&bdt=1763&idt=211&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6453833897250&frm=20&pv=2&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233
Frame ID: E1775C998D63E235579A42D146E00A3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1839787983&pi=t.aa~a.3169138589~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617271979&bpp=1&bdt=1770&idt=232&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vBKAUXFcTj&p=https%3A//eng.m.fontke.com&dtd=235
Frame ID: 4A2096C2E6393CADA9C4E10E05C81A11
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7
Frame ID: B48A4B06E720FBA471CE40DA195A9FB5
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=100&adk=397372076&adf=4061442901&pi=t.aa~a.2904907166~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x100&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=0&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280%2C720x280&nras=4&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eWKzEa8NLk&p=https%3A//eng.m.fontke.com&dtd=12
Frame ID: 8FA45D446A498E6B7A30BCA0BE34D5BA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Frame ID: 46B79B9E1830B2FBDAF8FAE92F7BE3E1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Frame ID: 920936583C33823919057F2852195762
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BA0239239D9097B82882654303E32D17
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 39F367DD0F756E214B15C43858B5C9A7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D94371A91C6EFEA48D7540397CAD33BF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: 2E838050804261C4CD091C7F6CF310E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: 13FA59520F2CD05B5DCB04826DCF469B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AFBBAF8DBF9B643AA6C75999DB7AB424
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75FFF0CEB26884E0AF2588A19D419F5B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: 25ECDAFF12A7C331614290B42934AEA5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AF47B0131444D3A22ED98F1997A412D8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js
Frame ID: AB4F998221E6B3621975FD0A20A405D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3C4AEA78EF68EC59832847BD32C0A352
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E0397DC5D20C2E86F0F23F53C6F621D7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38DB430C6C7BDA0A09BA976CB65CC749
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

카카오 Font,카카오 Light Font,Kakao Light Font,Kakao Font,KakaoLight Font|카카오 Light Font-TTF Font/Uncategorized Font-Fontke.com For Mobile

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

91 %
HTTPS

58 %
IPv6

25
Domains

38
Subdomains

29
IPs

11
Countries

1541 kB
Transfer

4285 kB
Size

21
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://m.fontke.com/font/110098506/
Title: 中文版

Search URL Search Domain Scan URL

URL: http://en.m.likefont.com/
Title: LikeFont

Search URL Search Domain Scan URL

URL: https://en.m.fontke.com/font/110098506/
Title: Mobile

Search URL Search Domain Scan URL

URL: https://en.fontke.com/font/110098506/
Title: Desktop

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://eng.m.fontke.com/statics/fontke/js/locale/eng.js?_=1687617271866 HTTP 301
https://statics.fontke.com/fontke/js/locale/eng.js?_=1687617271866

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELxNCNefIE9u6L_S4gBPrd0&google_cver=1&google_push=ATf1kGP7ia-WL9WiykYPvHBKFNyaKD9FhYtxMdZtNm1u50HK_OmxVgxjvm-4VL_QUAqkmT8sV8WU3ROj6f5FWbT7oKpoO762benvHBNk5xoEsiqb-d8Poabdq_t0qzMNfd-NxKWNkA1zJ4Qo1OIJxjYM6oPWX48 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP7ia-WL9WiykYPvHBKFNyaKD9FhYtxMdZtNm1u50HK_OmxVgxjvm-4VL_QUAqkmT8sV8WU3ROj6f5FWbT7oKpoO762benvHBNk5xoEsiqb-d8Poabdq_t0qzMNfd-NxKWNkA1zJ4Qo1OIJxjYM6oPWX48

Request Chain 108

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFFF5l2GD6LeXdSyAftatMY&google_cver=1&google_push=ATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFFF5l2GD6LeXdSyAftatMY&google_cver=1&google_push=ATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 109

https://um.simpli.fi/gp_match?google_gid=CAESENiunycqCZ3KbPiPdXFJN60&google_cver=1&google_push=ATf1kGMox2P_nPalEuRttnewI1MCHRC3sIhyhyCBZlmvuBHPIn-rmNAoxd8JyrgYCFjXEHJvijX3Hd0jmXwvrITHCMaNFxWjWnlaiv8mktjg7G0EuFqwjnObIbhROqkErECAHadQFBrjAda4M3IEO-bzOg52hpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6FA97AC4F39949C2A0A5495C6421BA6E&google_push=ATf1kGMox2P_nPalEuRttnewI1MCHRC3sIhyhyCBZlmvuBHPIn-rmNAoxd8JyrgYCFjXEHJvijX3Hd0jmXwvrITHCMaNFxWjWnlaiv8mktjg7G0EuFqwjnObIbhROqkErECAHadQFBrjAda4M3IEO-bzOg52hpQ

Request Chain 110

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI9zVdocX8TjzkMaoiktdbM&google_cver=1&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7wC6kzSWoTKH42PXFNZx9UYH-P7XwnWLWjOq1e2lfSkf7kg55ixu16sbwKjniZcJxxXE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI9zVdocX8TjzkMaoiktdbM&google_cver=1&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7wC6kzSWoTKH42PXFNZx9UYH-P7XwnWLWjOq1e2lfSkf7kg55ixu16sbwKjniZcJxxXE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7wC6kzSWoTKH42PXFNZx9UYH-P7XwnWLWjOq1e2lfSkf7kg55ixu16sbwKjniZcJxxXE&google_hm=6Zi83zIxTC6z1YSm-8gl3g==

Request Chain 112

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELm1rdZYs7kZKwjVwhi2mxk&google_cver=1&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNnGJqoyn_spxmWJW4zSSiseqMIJtNcGdx54CJxDmOB3PiwU1mniTP1R15Y5pn5Fwx8keXw8R4xZTIImHAXudsU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELm1rdZYs7kZKwjVwhi2mxk&google_cver=1&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNnGJqoyn_spxmWJW4zSSiseqMIJtNcGdx54CJxDmOB3PiwU1mniTP1R15Y5pn5Fwx8keXw8R4xZTIImHAXudsU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwMTY0NzA1NTM2OTc4MDg4Nw&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNnGJqoyn_spxmWJW4zSSiseqMIJtNcGdx54CJxDmOB3PiwU1mniTP1R15Y5pn5Fwx8keXw8R4xZTIImHAXudsU

Request Chain 113

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEA3EbISNVl5YqwfkTl6j71U&google_cver=1&google_push=ATf1kGN7tLxUIv4zg1OefN5XVvw3mPrXQIcy0XVLBTRMkWWD9Z02OztJm28mfPfyqBiDh-SCMUk3z29zlksENcTiuTwR_85sSFgbODG4OVa5UM3mX22IXF0pchLtuOSMijCe_HI7QFPzks7NrcL64V_YMmOREp-6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGN7tLxUIv4zg1OefN5XVvw3mPrXQIcy0XVLBTRMkWWD9Z02OztJm28mfPfyqBiDh-SCMUk3z29zlksENcTiuTwR_85sSFgbODG4OVa5UM3mX22IXF0pchLtuOSMijCe_HI7QFPzks7NrcL64V_YMmOREp-6 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://gcdn.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/73C1DF6A89358302672E4D5723FE69E4F87371AD.49118DECD11A25AA68EE3B9C42E32E815456B3CE/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3E84665062163EE6F69DC7296A6E59F3BAD4B6B9.2344C9DEE690A5D79EE07CB7166938A9AC766539/key/cms1/cms_redirect/yes/mh/sx/mip/2a00:c98:2030:a004:1::15/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687616900/mv/u/mvi/1/pl/49/file/file.mp4

Request Chain 121

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHY4z2am9Bkj4jpGuar2Tio&google_cver=1&google_push=ATf1kGNcaXkmFtzB0Bn1H-097rrKzUT4SuvrJ5lPYws3wdSZuyWCellWMMuv2Yi_4tDA66Q4c_OCo5mkl9cB8CcZazdNjwCnREXuHYs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwMzQ5MDc1MDMwNjIyMTAyMQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3OMDhljQteRNuktJF25mE&google_cver=1

Request Chain 123

https://um.simpli.fi/gp_match?google_gid=CAESENHk0Nh2mZbAQE-H0sLb7y8&google_cver=1&google_push=ATf1kGPZ2pC_xHdy0lhpN92dQTYE1ozkwq4Kl1BkEbXHEuwUJkXW2zSMSxjWJUNhx0FVR_Q3QfKQy4x82bTQ3ilp7M_lunBkzcnfJa0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=833A385E5C47428ABD117FE62CF9C01F&google_push=ATf1kGPZ2pC_xHdy0lhpN92dQTYE1ozkwq4Kl1BkEbXHEuwUJkXW2zSMSxjWJUNhx0FVR_Q3QfKQy4x82bTQ3ilp7M_lunBkzcnfJa0

Request Chain 124

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxwFSo9GjKCdDqCuN6qqsMAN0lakaCE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxwFSo9GjKCdDqCuN6qqsMAN0lakaCE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE3MDE2ODIxOTA2MTg4MTQyNg&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxwFSo9GjKCdDqCuN6qqsMAN0lakaCE

Request Chain 126

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3vhlLtMP0x5edjTjBTmVn8mF4dono HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3vhlLtMP0x5edjTjBTmVn8mF4dono HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY3NTgyMzI1MjI0NjY3NDg0MQ&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3vhlLtMP0x5edjTjBTmVn8mF4dono

140 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
eng.m.fontke.com/font/110098506/ 16 KB
5 KB 1299ms
457ms Document
text/html 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

19f2bfecf081cd585c9cafbb61a24c76136c0a171abc29f63f8f35307468b7e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sat, 24 Jun 2023 14:34:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.14.2
strict-transport-security: max-age=15768000; includeSubdomains; preload

GET
H2 200 bootstrap.min.css
statics.fontke.com/bootstrap/css/ 120 KB
20 KB 1625ms
878ms Stylesheet
text/css 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://statics.fontke.com/bootstrap/css/bootstrap.min.css?22.6

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

db798b4e4c36b047bb6611c46e95e8dab6c1f0b73a0d3140f1f5438a8e971354

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:31 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-encoding: gzip
last-modified: Sat, 08 Oct 2016 00:41:31 GMT
server: nginx/1.14.2
etag: W/"57f840bb-1de38"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *

GET
H2 200 common.css
statics.fontke.com/m/css/ 44 KB
10 KB 1625ms
878ms Stylesheet
text/css 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://statics.fontke.com/m/css/common.css?22.6

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

0686a6bff9672380f75167e49b9c722a5ad73ee84cc7faef75978cf8e35cd605

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:31 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-encoding: gzip
last-modified: Wed, 24 Jun 2020 02:54:17 GMT
server: nginx/1.14.2
etag: W/"5ef2c059-b0e6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *

GET
H2 200 jquery.min.js Show response
statics.fontke.com/js/ 94 KB
33 KB 1365ms
618ms Script
application/javascript 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://statics.fontke.com/js/jquery.min.js?22.6

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:31 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-encoding: gzip
last-modified: Sat, 08 Oct 2016 00:41:31 GMT
server: nginx/1.14.2
etag: W/"57f840bb-176f8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
statics.fontke.com/bootstrap/js/ 36 KB
10 KB 1622ms
876ms Script
application/javascript 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://statics.fontke.com/bootstrap/js/bootstrap.min.js?22.6

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:31 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-encoding: gzip
last-modified: Sat, 08 Oct 2016 00:41:31 GMT
server: nginx/1.14.2
etag: W/"57f840bb-8fd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 common.js Show response
statics.fontke.com/m/js/ 17 KB
6 KB 1624ms
878ms Script
application/javascript 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://statics.fontke.com/m/js/common.js?22.6

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

aa0f1681f77e96e090816439ed829543355a73325ad43d51304a5cd924a64778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:31 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 13:08:14 GMT
server: nginx/1.14.2
etag: W/"6059e83e-4467"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 100ms
75ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9fc69f6a9087016fb8f8084527c8839aac0e16a10957db2735f619ae854d00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48567
x-xss-protection: 0
server: cafe
etag: 2315473028926982559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 14:34:31 GMT

GET
H2 200 analytics.js Show response
eng.m.fontke.com/font/ 0
319 B 378ms
377ms Script
text/html 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://eng.m.fontke.com/font/analytics.js?aid=110098506

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/font/110098506/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:30 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
server: nginx/1.14.2
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 360x270.png
statics.fontke.com/image/image/1851551/ 52 KB
52 KB 342ms
342ms Image
image/png 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://statics.fontke.com/image/image/1851551/360x270.png

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

68cbc0f34608ab2831660cff88268c1cc860730f17e476ee3fd6ca78ca532ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 24 Jun 2023 14:34:32 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000; includeSubdomains; preload
last-modified: Wed, 20 Oct 2021 00:43:49 GMT
server: nginx/1.14.2
content-type: image/png

GET
H2 200 /
eng.m.fontke.com/ 6 KB
7 KB 367ms
366ms Image
image/png 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eng.m.fontke.com/?g=Api&m=Checkcode&font_size=30&width=180&height=50&type=comment

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

52dc603e3fddcce89eef20ca023e3f408484214879596be24c48be4985967d37

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/font/110098506/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Jun 2023 14:34:32 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-security-policy: upgrade-insecure-requests
server: nginx/1.14.2
content-type: image/png
cache-control: must-revalidate, post-check=0, pre-check=0
content-transfer-encoding: binary
expires: 0

GET

eng.js
statics.fontke.com/fontke/js/locale/
Redirect Chain

https://eng.m.fontke.com/statics/fontke/js/locale/eng.js?_=1687617271866
https://statics.fontke.com/fontke/js/locale/eng.js?_=1687617271866

0
0

GET
H2 200 push.js Show response
zz.bdstatic.com/linksubmit/ 308 B
563 B 951ms
157ms Script
application/x-javascript 58.254.150.48
UNICOM-GUANGZHOU-...

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.bdstatic.com/linksubmit/push.js
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 58.254.150.48 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:32 GMT
content-encoding: br
tracecode: 03381956040679645706062412
ohc-response-time: 1 0 0 0 0 0
last-modified: Wed, 24 May 2023 22:11:30 GMT
server: JSP3/2.0.14
age: 37734
etag: "646e8b92-134"
ohc-cache-hit: gz3un51 [2], zhuzuncache60 [1]
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
ohc-global-saved-time: Sat, 24 Jun 2023 04:05:38 GMT

GET
H2 200 ab77b6ea7f3fbf79.js Show response
s.ssl.qhres2.com/ssl/ 478 B
932 B 1348ms
19ms Script
application/javascript 2600:9000:20e1:9400:12:30a1:de00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e1:9400:12:30a1:de00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer: https://eng.m.fontke.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 10 Apr 2023 09:55:49 GMT
via: 1.1 4dd111c814b0b5cf8bf82e59008da624.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;MISS from w-sc01.lato
x-qstatic-hit: 1
x-amz-cf-pop: CDG50-C2
age: 6496723
x-cache: Hit from cloudfront
content-length: 478
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"67d74adaac6d2f43"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: rkhEGolQy6J3HTEmMR-kIVn0EO637O-my3rM2N9qR09Y2n8S0-sI_A==
expires: Thu, 07 Apr 2033 09:55:49 GMT

GET
H2 200 push.js Show response
lf1-cdn-tos.bytegoofy.com/goofy/ttzz/ 357 B
1 KB 1040ms
21ms Script
application/javascript 2a01:53c0:ff11::4
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://lf1-cdn-tos.bytegoofy.com/goofy/ttzz/push.js?3402dfac37b142b93d3b2eff91afbe5853674d281a69150b6d9d92fd1b7a1349bc434964556b7d7129e9b750ed197d397efd7b0c6c715c1701396e1af40cec962b8d7c8c6655c9b00211740aa8a98e2e
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:53c0:ff11::4 , United States, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software: nginx /
Resource Hash: 76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=01;cdn-cache=hit;type=static
content-md5: LqvsFUPQ989nqVgaBGwKgA==
age: 1
x-via: 1.1 PS-JJN-01ooN207:12 (Cdn Cache Server V2.0), 1.1 PSrbdjTYO3nt147:12 (Cdn Cache Server V2.0), 1.1 PS-VIE-01Lw182:3 (Cdn Cache Server V2.0)
x-tos-storage-class: STANDARD
server-timing: cdn-cache;desc=hit,edge;dur=0
x-tos-request-id: b958da8cf5ba593c648cf5ba-accd58d
ws-s2h-acc-level: 17
x-tos-response-time: Fri, 16 Jun 2023 23:52:27 GMT
last-modified: Tue, 01 Mar 2022 02:59:26 GMT
server: nginx
x-tt-logid: 20230617075226C91D9A287B7844FFF55F
x-cache-remote: HIT
etag: W/"2eabec1543d0f7cf67a9581a046c0a80"
x-ws-request-id: 6496fef8_PS-VIE-01Lw182_31419-36624
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-server: goofy
x-tt-trace-host: 018add213e875e471074a4fcfca3e1b5ad18b5227c839b1ad0771b00b9c5b4b459dcd44f62f213ce1f9c4da422d621bcc62656edf9ed7a8a37310fe9afc1969459b3f1bf7eb39fd78b387e96a232193c0ee825f0cd9d3264a5997fce0c099f8c59b32dcee82035de48ab94ea16c39b6c9b
access-control-request-methods: OPTIONS, HEAD, GET
x-response-cache: edge_hit
timing-allow-origin: *
x-response-cinfo: 2a00:c98:2030:a004:1::15
x-cache-new: HIT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1480ms
294ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?c0a79304a1f92d302cec782f23012101

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

dcb4a46ac315fee8b6945674b16dcea27cbb6baef40d3b49ad5c0316f9ea6941

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 14:34:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: d49629f235af221687187fa68858e992
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11264

GET
H2 200 piwik.js Show response
analytics.fontke.com/ 64 KB
21 KB 1846ms
624ms Script
application/javascript 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.fontke.com/piwik.js

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 09:33:05 GMT
server: nginx/1.14.2
etag: W/"643e63d1-10132"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 icon1.png
statics.fontke.com/m/images/ 138 KB
138 KB 494ms
494ms Image
image/png 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://statics.fontke.com/m/images/icon1.png

Requested by

Host: statics.fontke.com
URL: https://statics.fontke.com/m/css/common.css?22.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

ae2cd3476afe1a3a995da988d88ee63f5801c1a07bff33b1308537a95339046e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statics.fontke.com/m/css/common.css?22.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:32 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
last-modified: Fri, 09 Dec 2016 17:15:31 GMT
server: nginx/1.14.2
etag: "584ae6b3-22869"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 141417

GET
H2 200 150x150.png
statics.fontke.com/image/font/110098506/ 656 B
850 B 354ms
354ms Image
image/png 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://statics.fontke.com/image/font/110098506/150x150.png

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

0789bed91c7534620c51c6f14fffd0a960bd9ab0c182725b1598992be162365d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 24 Jun 2023 14:34:32 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000; includeSubdomains; preload
last-modified: Tue, 19 Oct 2021 14:36:23 GMT
server: nginx/1.14.2
content-type: image/png

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ 356 KB
119 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5930385669586631&plah=eng.m.fontke.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be29ac64b5a39d12f877fe6370d7b28b5d42e0cbf9d499c8954374988e16e30e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122045
x-xss-protection: 0
server: cafe
etag: 16455293731301057841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 14:34:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 189B 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 07:09:47 GMT
etag: 15057649708203361565
expires: Sat, 08 Jul 2023 07:09:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_info Show response
eng.m.fontke.com/ajax/ 0
372 B 348ms
348ms XHR
text/html 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://eng.m.fontke.com/ajax/user_info

Requested by

Host: statics.fontke.com
URL: https://statics.fontke.com/js/jquery.min.js?22.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Request headers

Accept: */*
Referer: https://eng.m.fontke.com/font/110098506/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubdomains; preload
server: nginx/1.14.2
content-security-policy: upgrade-insecure-requests
p3p: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
600 B 44ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=eng.m.fontke.com&callback=_gfp_s_&client=ca-pub-5930385669586631

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5930385669586631&plah=eng.m.fontke.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79be140be45ac935e067d6560113f94dcc9e4d4c538202d4d65fe9c0cac0b0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 66ms
19ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eng.m.fontke.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=header&ign=false&pw=1600&ph=1200&x=800&y=0

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E177 310 KB
73 KB 684ms
683ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&adk=1812271804&adf=3025194257&lmt=1687617272&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617271972&bpp=7&bdt=1763&idt=211&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6453833897250&frm=20&pv=2&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cc7dae5cf40732bdae422fda675031ed9e2cc5995101f8fbece5e26d7b34a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 74710
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:32 GMT
expires: Sat, 24 Jun 2023 14:34:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A20 105 KB
36 KB 1112ms
1111ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1839787983&pi=t.aa~a.3169138589~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617271979&bpp=1&bdt=1770&idt=232&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vBKAUXFcTj&p=https%3A//eng.m.fontke.com&dtd=235

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

911ba95952432b7d77808816847bfa0cbea4ff8871b54d01c9f65b5490c6c100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36454
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
expires: Sat, 24 Jun 2023 14:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 404 eng.js
statics.fontke.com/fontke/js/locale/ Frame 0
0 867ms
342ms Preflight
text/html 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.fontke.com/fontke/js/locale/eng.js?_=1687617271866
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://eng.m.fontke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 24 Jun 2023 14:34:33 GMT
server: nginx/1.14.2
vary: Accept-Encoding

GET
H/1.1 200
OK s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 0
116 B 2677ms
284ms Image
text/plain 103.235.46.40
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://eng.m.fontke.com/font/110098506/
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.40 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 14:34:35 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/ 155 KB
52 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306160901/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83a3c8c5325c6c0582aae8eb93514278aec31f0f05c2f22683be89987d9988fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53691
x-xss-protection: 0
server: cafe
etag: 3258098076602106345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 14:34:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eng.m.fontke.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B48A 80 KB
26 KB 544ms
543ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cff36a2a26b6ec5f6837da6a07214e2a5488885e61d9d4b67ff1bee7c8b82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26146
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
expires: Sat, 24 Jun 2023 14:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FA4 109 KB
39 KB 634ms
633ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=100&adk=397372076&adf=4061442901&pi=t.aa~a.2904907166~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x100&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=0&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280%2C720x280&nras=4&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eWKzEa8NLk&p=https%3A//eng.m.fontke.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1475c5a7a25d438d9c7ebabec53d932f1221c0b7fdf6ebc339ded63dbae89a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39907
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
expires: Sat, 24 Jun 2023 14:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s.gif
zhanzhang.toutiao.com/ 0
589 B 409ms
21ms Image
text/plain 163.181.92.232
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zhanzhang.toutiao.com/s.gif?url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&token=3402dfac37b142b93d3b2eff91afbe5853674d281a69150b6d9d92fd1b7a1349bc434964556b7d7129e9b750ed197d397efd7b0c6c715c1701396e1af40cec962b8d7c8c6655c9b00211740aa8a98e2e
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.232 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:33:51 GMT
via: cache5.l2de2[0,0,200-0,H], cache23.l2de2[1,0], ens-cache4.de5[1,0,200-0,M], ens-cache15.de5[3,0]
x-tt-trace-tag: id=03;cdn-cache=hit;type=dyn
age: 42
x-swift-cachetime: 43158
x-cache: MISS TCP_MISS dirn:-2:-2
server-timing: inner; dur=3, cdn-cache;desc=MISS,edge;dur=2,origin;dur=1
x-swift-savetime: Sat, 24 Jun 2023 14:34:33 GMT
content-length: 0
server: Tengine
x-tt-logid: 20230624223350465D349B622A430C44C1
ali-swift-global-savetime: 1687617231
content-type: text/plain; charset=utf-8
x-tt-trace-host: 012be64705e92d23785059d199aa78216735525e2d1935d81dc5364baca3084a481da4e024758e2dc40791834936806fbdbce7e9482776dd499bf1e46bb4de8055cf389151007f4ec2fc78591e348e6c141a2c91f70956441fa8ce3a09af40a140
timing-allow-origin: *
eagleid: a3b55ca316876172733645636e

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
20ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eng.m.fontke.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/ Frame 46B7 10 KB
4 KB 9ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 07:08:05 GMT
etag: 15057649708203361565
expires: Sat, 08 Jul 2023 07:08:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/ Frame 9209 10 KB
4 KB 12ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 07:08:05 GMT
etag: 15057649708203361565
expires: Sat, 08 Jul 2023 07:08:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 46B7 4 KB
1 KB 45ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 13:17:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 46B7 205 B
318 B 45ms
14ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 12:48:51 GMT
x-content-type-options: nosniff
age: 92742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jun 2024 12:48:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 46B7 604 B
920 B 44ms
13ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:02:30 GMT
x-content-type-options: nosniff
age: 405123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Jun 2024 22:02:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 46B7 23 KB
9 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9401
x-xss-protection: 0
server: cafe
etag: 9087801343750428007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:23:02 GMT

GET
H2 200 9162cfb8f9e171e5e49ad48038de6feb.js Show response
www.gstatic.com/mysidia/ Frame 9209 8 KB
4 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9162cfb8f9e171e5e49ad48038de6feb.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3796
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:37:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 23:46:56 GMT

GET
H2 200 3070dffd32135a56ab2ef35705c6f461.js Show response
www.gstatic.com/mysidia/ Frame 9209 9 KB
4 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3070dffd32135a56ab2ef35705c6f461.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7a4563a945f57c05734db4835005e87401c8fa28f353aa731e96fe6a97db00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4034
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 08:32:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9209 14 KB
1 KB 42ms
28ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 13:06:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9209 2 KB
945 B 40ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 9209 22 KB
9 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 17:03:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9209 3 KB
1 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 16:34:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 9209 19 KB
8 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9209 179 KB
56 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 9209 33 KB
14 KB 30ms
11ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BA02 14 KB
1 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 13:09:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BA02 2 KB
926 B 12ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame BA02 22 KB
9 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 17:03:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39F3 143 B
166 B 27ms
16ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BA02 3 KB
1 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 16:34:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BA02 19 KB
8 KB 25ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA02 179 KB
56 KB 30ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame BA02 33 KB
14 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9209 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaeIe-P6WZN6IEtTTtOUPgriKgAvlsPL-cOnEzOPtEfuK9P0IEAEgqqzSA2CVgoCAmAegAdaN_LQCyAEBqQKnZkeWg1S1PqgDAcgDwwSqBIUCT9BdTJ-b-H9r4-mDq_hAcBBc_feCzusABggqr7HQFe8ka3-H9MIxeChqB9yEHigRmRjkIi2BaNJPsbi6aXGr3gmBmE3AvHcXuHqV2lBDBnwKO_2jJBBYRDr0sy4LGDYd6fsv7AtWyk4K8kvMG_KNsVWHTFVFvkh2dI6uD4xUwmlEEnD2kH0DpkB5tK6xKbLN-Sde6QGnrzKvDfw1OipV0r16udVTrvxtYvxTc15u1c2lVVQm8SfrgxJLpxaEAgN0yJQFG_at_HKYsKslCd85atf8ZvI1lcLxDH7YA4iO2ChfRDdBQJ5g-W3CqyLbjTYC0RBCY1zPLhWzjc-JwlVvZbtj8tvTwATQu4uAxgSSBQQIBBgBkgUECAUYBKAGZoAHkvKDywGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC37gfSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTU5MzAzODU2Njk1ODY2MzEYAA&sigh=a2BVE3kOBck&uach_m=[UACH]&cid=CAQSGwBygQiDMmpQZ-XNDOKp4zx9zsWrjEPuxKoGgRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 24 Jun 2023 14:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D943 143 B
166 B 14ms
14ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9209 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4d4f7add0ddf5087e7ef37e164d3b297d13127a24ec0efeae89ecab870b58a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 4A20 14 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1839787983&pi=t.aa~a.3169138589~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617271979&bpp=1&bdt=1770&idt=232&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vBKAUXFcTj&p=https%3A//eng.m.fontke.com&dtd=235

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 13:08:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 4A20 2 KB
892 B 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 4A20 22 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 17:03:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 4A20 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 4A20 19 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A20 179 KB
56 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 4A20 33 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
expires: Sat, 24 Jun 2023 14:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4A20 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRW5u-P6WZPblEqzVtOUPnrelmAn_mbeTcYig8aOeEdnZHhABIKqs0gNglYKAgJgHoAGFqpDZKcgBCagDAcgDywSqBP4BT9ADIQrsYKAHQkRtRZnk7POww7RxkD8TR81NFKR9JDids-4F3wqp1CD6MslBK1Wwf5yCiEkP2IgLVs9Ij14SAtjsIcaBQK7DbJpzCzVfI85t7p_P-yno0lQ8gesESq26MIM4tIdaFtgBeuP4GdhKNm-Vh1l1MbaPPbkx7MBojARhdMBaZDfY-HBfn7XrKaTzCzN04ZqOgfTqXcbNzRk3Q44t5CU6MF-p0fO5Q14vbKpwhOHAhlgBu4S1EuI6RPH_Zka3LBxwll5ASTJIxjNw6NU3cdh9MhovzNE3HxVbsnOLixpQRD0kuDRxT1tDXR7ldaoUgyLlOgLnQiatEfXABNLJ-I60BJIFBAgEGAGSBQQIBRgEoAYugAeF4uC4BKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOyPC9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItNTkzMDM4NTY2OTU4NjYzMRgA&sigh=sg14EWApIhc&uach_m=[UACH]&cid=CAQSGwBygQiDj1tATrwdsdYqzZEsKdf-h1P0vmUSpBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1839787983&pi=t.aa~a.3169138589~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617271979&bpp=1&bdt=1770&idt=232&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vBKAUXFcTj&p=https%3A//eng.m.fontke.com&dtd=235
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 24 Jun 2023 14:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E83 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 22:09:35 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3343693586531201564/ Frame 4A20 24 KB
24 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3343693586531201564/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64d3df6af93c8752a5f0f61aa62c20363db9ca566c87bb6408eb6bc8cadaabc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:06:26 GMT
x-content-type-options: nosniff
age: 296887
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24656
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 18:07:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 04:06:26 GMT

GET
DATA 200
OK truncated
/ Frame 4A20 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4A20 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D943
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
19ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
expires: Sat, 24 Jun 2023 14:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 13FA 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 22:09:35 GMT

GET
DATA 200
OK truncated
/ Frame 4A20 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5a3abb41eac3a2dda441c9023fed26fc94b7454e9828baa761241b8be6b040b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame B48A 22 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 17:03:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B48A 8 KB
750 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 13:09:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame B48A 15 KB
3 KB 89ms
10ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2883
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 05:06:06 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame B48A 371 KB
127 KB 93ms
13ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130330
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:43:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 16:50:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame B48A 19 KB
8 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B48A 0
0 19ms
18ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSXYwjktNrnVLMnQknK5jHcr_p7Oo2JgPYogIndS8XfFfwGYlBLaT6VjrulGujMrPCrbw74li97Bj00Wlf4DkEzgBHlA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4A20 33 KB
34 KB 46ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 329116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 19:09:17 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 283ms
283ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1209051832&si=c0a79304a1f92d302cec782f23012101&v=1.3.0&lv=1&sn=25489&r=0&ww=1600&u=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&tt=%EC%B9%B4%EC%B9%B4%EC%98%A4%20Font%2C%EC%B9%B4%EC%B9%B4%EC%98%A4%20Light%20Font%2CKakao%20Light%20Font%2CKakao%20Font%2CKakaoLight%20Font%7C%EC%B9%B4%EC%B9%B4%EC%98%A4%20Light%20Font-TTF%20Font%2FUncategorized%20Font-Fontke.com%20For%20Mobile

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 14:34:33 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3 200 9162cfb8f9e171e5e49ad48038de6feb.js Show response
www.gstatic.com/mysidia/ Frame 8FA4 8 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9162cfb8f9e171e5e49ad48038de6feb.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=100&adk=397372076&adf=4061442901&pi=t.aa~a.2904907166~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x100&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=0&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280%2C720x280&nras=4&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eWKzEa8NLk&p=https%3A//eng.m.fontke.com&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3796
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:37:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 23:46:56 GMT

GET
H3 200 3070dffd32135a56ab2ef35705c6f461.js Show response
www.gstatic.com/mysidia/ Frame 8FA4 9 KB
4 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3070dffd32135a56ab2ef35705c6f461.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7a4563a945f57c05734db4835005e87401c8fa28f353aa731e96fe6a97db00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 18:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4034
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 18:03:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8FA4 14 KB
1 KB 23ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 13:04:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 8FA4 2 KB
892 B 16ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 8FA4 22 KB
9 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 17:03:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 8FA4 3 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 8FA4 19 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 19:11:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8FA4 0
0 21ms
19ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmY22a2NYsPISehfhWML1YaA2_WxVxvuQ0KfRa-A2BUUcI_j7lAkF0LXLOCMp2wtxCL_Fg8v1t6sErH9QsVp11VeJYLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=100&adk=397372076&adf=4061442901&pi=t.aa~a.2904907166~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x100&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=0&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280%2C720x280&nras=4&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eWKzEa8NLk&p=https%3A//eng.m.fontke.com&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FA4 179 KB
56 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 14:34:33 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 8FA4 33 KB
14 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FA4 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CScC6-f6WZNSOA_6mtOUPp4ut6Ae0r-yecdupi7yLEeK4v_KRDhABIKqs0gNglYKAgJgHoAG48LPSAcgBAakCNsTwkR9Hsj6oAwHIA8sEqgSEAk_Q_6ll-fw38guARbDPwEmj4Ncpek4VgFBYuNa7Kfv5mucorp0XQd9aaK2WJcJ3PTXzseMZAwsw9xAjxcTas-ZIiY5ZiiWu8jnF9w3FnMlbq5hPqTTErFDd4XfQY4QRVJ8G2r8QdLlT_i9M37bvTpJQans6zjWqMsBoGdscXAc-tySQw1yx0pvsmyZK40d2TFOUq-WvXBKnQp4noesIia-6TueISl-uCw17p-id2nDtY1keNPGuBC5hmgFbJLcR78KfAOHuEboxLbJBTMqQPRCd417jRH-cMGCblS44P0cF1g6Vaj96nPqfzM2JuSuuPz4Fl68xwuE8y7yvw2TYoeWuY32zwATFpeuzggSSBQQIBBgBkgUECAUYBIAHsI_MrQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDA1wHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTU5MzAzODU2Njk1ODY2MzEYAA&sigh=yRYChqQsAlo&uach_m=[UACH]&cid=CAQSPABygQiDpaJYvLOW_OCj5zQWE2DOzvhYMD4fTDq07CPvDnUg80CsSmF0WYWjNYQ_Q2ZlpCGdMkOfFJhfnhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=100&adk=397372076&adf=4061442901&pi=t.aa~a.2904907166~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x100&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=0&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280%2C720x280&nras=4&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eWKzEa8NLk&p=https%3A//eng.m.fontke.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 24 Jun 2023 14:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AFBB 143 B
166 B 17ms
12ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=100&adk=397372076&adf=4061442901&pi=t.aa~a.2904907166~rp.1&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x100&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=0&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280%2C720x280&nras=4&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=eWKzEa8NLk&p=https%3A//eng.m.fontke.com&dtd=12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 75FF 1 KB
643 B 16ms
13ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Sun, 25 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 25EC 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 22:09:35 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B48A 0
234 B 652ms
230ms Ping
image/gif 2800:3f0:4005:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lja3r2ag&c=4092498889972&slotId=2046249444986&qqid=CMLPz6CQ3P8CFXMArQYdaHwASA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:406::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B48A 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 595818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B48A 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 39846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 03:30:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B48A 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CISl1-f6WZILvA_OAtOUP6PiBwATU8ez9cLKh9NHlEPKe3KDUARABIKqs0gNglYKAgJgHoAHh9bOjAsgBBakCNsTwkR9Hsj6oAwHIA5sEqgSbAk_QKtf4ktnAwGV_6-bYTsZKmHm4SsNe1NzGx4Sz6mgd4kpuJdcFPMobxweWPT7ayL1S1v1UYe7rCAO45upQ57u5GBQKL6gfHQ6HCdefrjxubiMNGwxqTAkxzxhkhf3JG1kylCUCbnbpBsA97tmjXbupnT58I_hHVRagU11PdbyZNOHXY6rdfUR_FU-pj-f1iT9TXql3n3Olws8Oakuq9KqKYVPdjO-qDP4GS3Te3Ot64JPxAvgYUI8KEdxT3j9c4iKKT0ZJ6bbaV_dVZVW7wjbY1yOIXz0-SG2MFjbGBt7EBWGbpxHEpJlCIhg7cfH9QQ6PmagpPIG2IlwWt0Gls1sdOB7O0uI_peIkXU9I0CYac3GEcgb1Efb_DpLABKDjs_OZBOAEA5AGAaAGToAHh4rM3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATp_7UE9ATANgTDYgUA9gUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1687617273716&ai=CISl1-f6WZILvA_OAtOUP6PiBwATU8ez9cLKh9NHlEPKe3KDUARABIKqs0gNglYKAgJgHoAHh9bOjAsgBBakCNsTwkR9Hsj6oAwHIA5sEqgSbAk_QKtf4ktnAwGV_6-bYTsZKmHm4SsNe1NzGx4Sz6mgd4kpuJdcFPMobxweWPT7ayL1S1v1UYe7rCAO45upQ57u5GBQKL6gfHQ6HCdefrjxubiMNGwxqTAkxzxhkhf3JG1kylCUCbnbpBsA97tmjXbupnT58I_hHVRagU11PdbyZNOHXY6rdfUR_FU-pj-f1iT9TXql3n3Olws8Oakuq9KqKYVPdjO-qDP4GS3Te3Ot64JPxAvgYUI8KEdxT3j9c4iKKT0ZJ6bbaV_dVZVW7wjbY1yOIXz0-SG2MFjbGBt7EBWGbpxHEpJlCIhg7cfH9QQ6PmagpPIG2IlwWt0Gls1sdOB7O0uI_peIkXU9I0CYac3GEcgb1Efb_DpLABKDjs_OZBOAEA5AGAaAGToAHh4rM3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATp_7UE9ATANgTDYgUA9gUAdAVAfgWAYAXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B48A 0
54 B 640ms
233ms Ping
image/gif 2800:3f0:4005:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lja3r2ba&c=4092498889972&slotId=2046249444986&qqid=CMLPz6CQ3P8CFXMArQYdaHwASA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.lj&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:406::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame B48A 28 KB
16 KB 114ms
57ms XHR
text/xml 64.233.166.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CGFGHP6GNCYeBkeYe9JKqIS68vXtrzjMnZzCFfmN6ihpH0xdPtxukdkWD9QQa-cUEinZ2HqDF95Dhzv3hMGUgMq7HtIg&cry=1&dbm_d=AKAmf-AxGMyc_1EFExhOGHGEEXoAu0FbQYZ86he4fzFKXQKtboLIShI77ttsesKw5HKZ7EV4_fA61nn78AAQIzMoylP9RhQL-a20pw6YguQ0smzLFp8-TzCKZt96mceEuIfRYSIj1BOLR7sZ8EdKUWVvxV1Rn0mLyguNSkhv_FxICiAmJWINjExAVNn0K755YWE-pMthlA9vUzsrliPho2IENAAcdfC_d1fuTTrPJQBero9NmE8SwivLEO7UcCRUe0Od8SU9Yb-UsPmCHkeRgGWw1AqpzJt105E3cfMvPid9JbydX2EQCq0zqCo0NxsLvzwBDjPb-9MUlpMgFX9m3qYnXUnkqqsQ54_ZPoVOSIzAndJT-bs3tlvrT-8NwZhIstTt4-uc5n6SAckqUgozH2wezE_sYcQUCTG8jZivOaGnSgk77wiGuTBiAK7iZXaJrrfmDXyRYhqREyCPNS4iZ_yBJNgvhNY1Rs4Y_nhM-9eq-aN6i1KTQCbwjE12kh-hSxG5jgl7D0VK2ZBnU2v1NpjtNab5yFoEVjrIGh5osU3QVdudIHTizBEXD-_xooNWgdQGKQOsF6-nNCn_2HJ70RZdrW9f6fvCeSKasLWQWzO3-olgguJZYZwfsxxuRqa5EGCjJrwGllO4iHaZQy6E9_wxxBHR8vOkqwK2ODjTTnfUBZt8HYHBD4p-LH38wuPZK5R0-VVIWkqz3aSJsT4nQPojZG-9UjufGWHIITgTZWQpPkZ1wHjRWTMlRuyjWmvR2UQEIuG9qWL3rvMKX5dGnMHLnlozEfLA-eoJpZEpJpj66sJUm4kimzhz7hYH5PQl-k6DtEKN7YsGAq6XoLJEtwNVl8D625a8ytjDkUJfyI5p8cLlHbYUJq9In9VAWBA7gSYxoOvqJFL0L3wBzaa7mmKD-hN_BFK2GsSXixxUGg67G1r4S2IF4tJGCkJW10a2xQQRrztOKtuuxo2CDAAVGHntbse9Eq0BUGdPU5jI64wiy3qJRuOiZsCVxFCuXzYpMVrD2vtNJdjA7ZHVbt8R2njWLsTL6VreEW-qzCDUa59ttvRmKlA6mJtmWcqotkN95zJ6sfJI5QgDjoqhuQMPbV5yxBqdGeg2cgR5F1n3EOK7UZQfu9IBz8MQMRm5JEPoOWZ-eFPRPiwAPJ3rkY44ZyGVLSdXFnppjjiiCAyLY2UDRYA5YfMpfgW2ZAOdtcY3QlGGINWZPEJI1c0uWE0YTnYShwz_2DusJQo0grAzL0wsEC5LQt2aE9uku0scgD3FUa46xCyXlJLWfhUCg9yU6Aicj4dvv5cof2_Rx4EQk9jm94ab8Bv4eXmeOPOE3lvP1fWXoomHllx8UEWnYP-JUOHpUPW2W0Dwmry26bA2ioRnbb2WW9bgp-6PTejSfRCe9hhs3iiVUcrmrLmICM9eWwzSdxupqjDY84OP61AUXYfepLpAJIqb0Upbdh5clKBkCNnnjFuy_gHKaCVq8kQ9iod9pnsE-pOG8qWJfs6fkJajheN3ZZl6i_iI3w9RuZKU1LnVSVtHJMpQ2g8NcT9109RabnxmDSQgkMOtwHRrO8n9Sa59lymyyK8ScZ_nb6cuFmcbReLNCxj0tnavEWyKlQfXzy-qaJr8grq_ow6WNlyUG8KQaDvoz5Dy7BRMusb84Z_8-e8VD6zMJtmfOFJIulk0hnDUSIAuF4UtAohe7n7P9ASuyzxSeIUugfLNlIcn-laJsa7Ux-Bq1ZPUJe4H6sQsxojHuXKlU-fAi8FJiZaC_7u1_2eOL2FuwkF7Qzm9OPUFUxu2yY6kGkVEK8wDoYLKAb6jC8tga_J7UrAOgFkHJjH5d4arUGBDtTHBm9DN6D29ZY0vyaRhcwx2ZZaj9GxTfHrhpTfQQSlMt1EIjfKJAWjI9cIxl9PdzorZ4owSzlyvHnSbKCemVeGlJaTDZShTie8Zv1laM-rmaTKy1uYiykLJTJIRQqKcxffCzSRjfeoU4RJwiZ_QJQVDsUMqGSM1wO17zwJHtt4A9EzIrQAYK1h-678YClxlo8xFVFqKd6HMMTd5oqyKNitfnpID4JPlWeGWmkHEtEYTX6OmuUpBQLULi8Q3mEDG6UnmZc4A5bsO_qsioDcUR8CJ1TxJOjHTJc5CK684IFC1Mp2rVGJWco36BwCeSUlB1QZ1CMRA2_kzHUclpemmssRN5LTc9aHvWgnFiMg3lscYayTME7eK1Zb9LbSshonE5KsCBQl0oW7TkOgxaoutx8-LAlKVYu_x6f_2PaU1_WTLgf0mJPjCDEoCj9qA4ajaG7luJycMMXlr6kBpLxTcLPtgxHBjRaYKtiotWNx89_g5zhG_WdkhNMv1uxK8k-z5rJpuvytfwcjkLML4rGrzGnxH0tBCpjcXiok2uy-d3c85Lr0kM5aRVVenlL6rr6p15dFdKngSOz5WP0mIH2VXHcjE-35QXmYI-gOHFw17z6sDK7Kaf1OnA1_fYuWMpVgTmgHSugJpzA8fFICvsNzrbiCTahFYnnUOejbV3dZ7ys6AErtSm7npL_5RFpp-8FFIrqyA9f-bpJf7eEXyRx1jr9RlIjJM0UFkDBe7CHQdigdTiqeECQvldPYrCnafIH2EebICB5FQd_oBIerCtOb0LoozpDwCYMKHZD_gpp1X0DP2mp9iT0LAODg6wZNKOGxXUlHKErXCHJ3plTKLAEkiDWSp8ljgI118cknnWeFmui4gvfcFIsDkso92wi0oacMv0qBnLdi9IXY8HjWlqAMNwIzwC57ZM9-YIk7UHz-2xVwd9WXkLkyqkOVo-FaIsfKcXzt7h8aqVO-Xh9PzOvNjrJsEKfQOimqurCYrxYaag86KobYq2bNNVP9z-zkHV8DWo0KVme8pa6-7A1GoAUkKhVl6ZBeAdXoDQms-jiATGPrRGgLslE6dCpCK40sjcSd2UHl21CPs2LjSGm-6d2J8Nejy2ZNnIxwwKYBHtYzD0fZ33lpC52H8extxcYC1xI9C109hyimz6eG7YtbtHS300XLrjA0ATXeduadySd2ZLt27BjDyYaab6GEsDi0jjBVDOW3_2EFIS24rqeMu-TtLu8P07XFtjxymUOntN0aZc0xthA0zC0A5DKUhuoBQj3cU_isYkzFJ5TKfNcnf2e_Yh3zOGt3R-6JopNUJfJizt4ab8aRUPBinsiJkfJb0OJm3P4rPmwHTewd_IxOUCb-RhNYCCNuFvmxZpqvUYxd710huFVknNFjYgS0OB3SPJ4ksf8dtcmdW4ZXeZeVjTx0ms17XEhQL4WwijPlSyN_7AkJlD1-4Lpa0DBXqq9fnHFlAZG5WA3svUJjwuyyHy8j9bEirHnnv0_rLCW6zRaE48UNm8-2WgY5edB85oM0ccvUL526kZIIVGvBO7hNeDWWTxZO99t9W5vTNt8ovpoLHK4VIihdB9ZbJn-nBYjLr3xTJetBHgNm8vAygWdIHLIjvNeu6W5UrPNi3yh802udBLLDDSQYnbRdbBbdPgljcqy1pP68vZ6ScGMIihBKE9VR2&cid=CAQSPABygQiDFFmO6DxPAeMpmrMyoim0FU97qJ9HS0xBhleFN2uf-KeNjEQC10MI0zByU_UbSBYbQDpc4A2vYhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f156.1e100.net

Software

cafe /

Resource Hash

049203c1c42d177a09434a2a1a07f259303475006a9916a9a5c4c8b052b6a086

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16384
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B48A 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca4gp-f6WZILvA_OAtOUP6PiBwATU8ez9cLKh9NHlEPKe3KDUARABIKqs0gNglYKAgJgHoAHh9bOjAsgBBakCNsTwkR9Hsj6oAwGqBJgCT9Aq1_iS2cDAZX_r5thOxkqYebhKw17U3MbHhLPqaB3iSm4l1wU8yhvHB5Y9PtrIvVLW_VRh7usIA7jm6lDnu7kYFAovqB8dDocJ15-uPG5uIw0bDGpMCTHPGGSF_ckbWTKUJQJudukGwD3u2aNdu6mdPnwj-EdVFqBTXU91vJk04ddjqt19RH8VT6mP5_WJP1NeqXefc6XCzw5qS6r0qophU92M76oM_gZLdN7c63rgk_EC-BhQjwoR3FPeP1ziIopPRknpttpX91VlVbvCNtjXI4hfPT4QbFYlPoS_7Fb_oT2e9WLfWLdm7c4eQk0vvRfFiSOfi586zYUfLxYhpDYWBnQAD3tQNdp2Y1Ao06RKldesMGqplcAEoOOz85kE4AQDiAWqnJfnRJIFBggbEAEYAZIFCwgiEAMYAUj6jdIBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeHiszcAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEJmcDBie2abUAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwGwE6f-1BPIE4eamuED0BMA2BMNiBQD2BQB0BUBgBcBshccChoIABIUcHViLTU5MzAzODU2Njk1ODY2MzEYAA&sigh=KU5GwhZjOoM&uach_m=[UACH]&cid=CAQSPABygQiDFFmO6DxPAeMpmrMyoim0FU97qJ9HS0xBhleFN2uf-KeNjEQC10MI0zByU_UbSBYbQDpc4A2vYhgB&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 24 Jun 2023 14:34:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AF47 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Sun, 25 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B48A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dc62644682fef7efb55eb1b3a7c50281ddd7622c8cabf44148ffb65c618a963

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8FA4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4b53d1d89e4415c2f439e196e576f89179caadef0745c3719f42251d124b937

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 75FF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELxNCNefIE9u6L_S4gBPrd0&google_cver=1&google_push=ATf1kGP7ia-WL9WiykYPvHBKFNyaKD9FhYtxMdZtNm1u50HK_OmxVgxjvm-4VL_QUAqkmT8sV8WU3ROj6f5FWbT7...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP7ia-WL9WiykYPvHBKFNyaKD9FhYtxMdZtNm1u50HK_OmxVgxjvm-4VL_QUAqkmT8sV8WU3ROj6f5FWbT7oKpoO762benvHBNk5xoEsiqb-d8Poa...

170 B
232 B

29ms
26ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP7ia-WL9WiykYPvHBKFNyaKD9FhYtxMdZtNm1u50HK_OmxVgxjvm-4VL_QUAqkmT8sV8WU3ROj6f5FWbT7oKpoO762benvHBNk5xoEsiqb-d8Poabdq_t0qzMNfd-NxKWNkA1zJ4Qo1OIJxjYM6oPWX48

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 24 Jun 2023 14:34:33 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGP7ia-WL9WiykYPvHBKFNyaKD9FhYtxMdZtNm1u50HK_OmxVgxjvm-4VL_QUAqkmT8sV8WU3ROj6f5FWbT7oKpoO762benvHBNk5xoEsiqb-d8Poabdq_t0qzMNfd-NxKWNkA1zJ4Qo1OIJxjYM6oPWX48
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 24 Jun 2023 14:34:32 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 75FF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFFF5l2GD6LeXdSyAftatMY&google_cver=1&google_push=ATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLk...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFFF5l2GD6LeXdSyAftatMY&google_cver=1&google_push=ATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBO...

43 B
420 B

216ms
184ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFFF5l2GD6LeXdSyAftatMY&google_cver=1&google_push=ATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dc5b13b0b3d371a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 236
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFFF5l2GD6LeXdSyAftatMY&google_cver=1&google_push=ATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGPnvRHrpg4opGHcfKX4lxoz5ZS6W2_PznNM2dhV9467bkpxc03TSIfPFkIZum92r4iw_on3OlCMymtXstO0oM_f7xR5cBOLkLBdU32GT4En9NkmRpXNXUZzHlwbgh9M2lslIyH1oN9tp-OqLTVS78wKmI4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7dc5b13958ec371a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75FF
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENiunycqCZ3KbPiPdXFJN60&google_cver=1&google_push=ATf1kGMox2P_nPalEuRttnewI1MCHRC3sIhyhyCBZlmvuBHPIn-rmNAoxd8JyrgYCFjXEHJvijX3Hd0jmXwvrITHCMaNFxWjWnlaiv...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6FA97AC4F39949C2A0A5495C6421BA6E&google_push=ATf1kGMox2P_nPalEuRttnewI1MCHRC3sIhyhyCBZlmvuBHPIn-rmNAoxd8JyrgYCFjXEHJvijX3Hd0jmXwvrIT...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6FA97AC4F39949C2A0A5495C6421BA6E&google_push=ATf1kGMox2P_nPalEuRttnewI1MCHRC3sIhyhyCBZlmvuBHPIn-rmNAoxd8JyrgYCFjXEHJvijX3Hd0jmXwvrITHCMaNFxWjWnlaiv8mktjg7G0EuFqwjnObIbhROqkErECAHadQFBrjAda4M3IEO-bzOg52hpQ

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 24 Jun 2023 14:34:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=6FA97AC4F39949C2A0A5495C6421BA6E&google_push=ATf1kGMox2P_nPalEuRttnewI1MCHRC3sIhyhyCBZlmvuBHPIn-rmNAoxd8JyrgYCFjXEHJvijX3Hd0jmXwvrITHCMaNFxWjWnlaiv8mktjg7G0EuFqwjnObIbhROqkErECAHadQFBrjAda4M3IEO-bzOg52hpQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 23 Jun 2023 14:34:33 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 75FF
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI9zVdocX8TjzkMaoiktdbM&google_cver=1&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI9zVdocX8TjzkMaoiktdbM&google_cver=1&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_a...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7wC6kzSWoTKH42PXFNZx9UYH-P7XwnWLWjOq1e2lfSk...

170 B
329 B

18ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7wC6kzSWoTKH42PXFNZx9UYH-P7XwnWLWjOq1e2lfSkf7kg55ixu16sbwKjniZcJxxXE&google_hm=6Zi83zIxTC6z1YSm-8gl3g==

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7wC6kzSWoTKH42PXFNZx9UYH-P7XwnWLWjOq1e2lfSkf7kg55ixu16sbwKjniZcJxxXE&google_hm=6Zi83zIxTC6z1YSm-8gl3g==
date: Sat, 24 Jun 2023 14:34:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 75FF 43 B
363 B 67ms
20ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEAKYrWb5vBuErda0a2ZksvY&google_cver=1&google_push=ATf1kGNLXjri4Le8q5Rzr7blJ4dn4cL9jbylmji-EEdvmuIO56LXiHvI7zjYto5lZ97EusFyKTM61yix2I7mv7WmcF62lz9sFzHBSGxnj6jQwmlCxCOHate7nnegJGvYMhyja2omee1-kuAQh2KSzFNF3c5FYw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:33 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 238778
expires: Sat, 24 Jun 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 75FF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELm1rdZYs7kZKwjVwhi2mxk&google_cver=1&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNnGJqoy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELm1rdZYs7kZKwjVwhi2mxk&google_cver=1&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNn...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwMTY0NzA1NTM2OTc4MDg4Nw&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNnGJq...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwMTY0NzA1NTM2OTc4MDg4Nw&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNnGJqoyn_spxmWJW4zSSiseqMIJtNcGdx54CJxDmOB3PiwU1mniTP1R15Y5pn5Fwx8keXw8R4xZTIImHAXudsU

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwMTY0NzA1NTM2OTc4MDg4Nw&google_push=ATf1kGN_onvnoDEKpRRD4yrnJT2aU226jrnYgnrCg-c1H0PydPtZWQTU4kA7vo2dn_6_HKNIyNnGJqoyn_spxmWJW4zSSiseqMIJtNcGdx54CJxDmOB3PiwU1mniTP1R15Y5pn5Fwx8keXw8R4xZTIImHAXudsU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 75FF
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEA3EbISNVl5YqwfkTl6j71U&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGN7tLxUIv4zg1OefN5XVvw3mPrXQIcy0XVLBTRMkWWD9Z02OztJm28mfPfyqBiDh-SCMUk3z29zlksENcTiuTwR_85sSFgbODG4OVa5UM3mX22IX...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

50ms
50ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 24 Jun 2023 14:34:34 GMT
pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 75FF 0
139 B 97ms
22ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6-xIizzmXAzeoVvEGm4Uwnn2rHsQrHGO2Kl2Hz3RD6sjiM-R8fX9Wspai120cdZ4RYg66fg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AFBB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
expires: Sat, 24 Jun 2023 14:34:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8FA4 33 KB
33 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 329116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 19:09:17 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B48A 0
54 B 463ms
241ms Ping
image/gif 2800:3f0:4005:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lja3r2bo&c=4092498889972&slotId=2046249444986&qqid=CMLPz6CQ3P8CFXMArQYdaHwASA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:406::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame B48A 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 21:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 21:33:59 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B48A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

78ms
12ms

Fetch
video/mp4

2a00:1450:401e:28::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3E84665062163EE6F69DC7296A6E59F3BAD4B6B9.2344C9DEE690A5D79EE07CB7166938A9AC766539/key/cms1/cms_redirect/yes/mh/sx/mip/2a00:c98:2030:a004:1::15/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687616900/mv/u/mvi/1/pl/49/file/file.mp4

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

HTTP/1.1

Server

2a00:1450:401e:28::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 14:34:34 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2888872
Last-Modified: Wed, 28 Sep 2022 05:26:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 24 Jun 2023 14:34:34 GMT

Redirect headers

date: Sat, 24 Jun 2023 14:34:34 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 654
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3E84665062163EE6F69DC7296A6E59F3BAD4B6B9.2344C9DEE690A5D79EE07CB7166938A9AC766539/key/cms1/cms_redirect/yes/mh/sx/mip/2a00:c98:2030:a004:1::15/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1687616900/mv/u/mvi/1/pl/49/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 piwik.php
analytics.fontke.com/ 0
185 B 610ms
608ms Ping
text/plain 47.241.58.156
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.fontke.com/piwik.php?action_name=%EC%B9%B4%EC%B9%B4%EC%98%A4%20Font%2C%EC%B9%B4%EC%B9%B4%EC%98%A4%20Light%20Font%2CKakao%20Light%20Font%2CKakao%20Font%2CKakaoLight%20Font%7C%EC%B9%B4%EC%B9%B4%EC%98%A4%20Light%20Font-TTF%20Font%2FUncategorized%20Font-Fontke.com%20For%20Mobile&idsite=6&rec=1&r=739559&h=14&m=34&s=33&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&_id=7380d9864db6fba3&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=d81MPd&pf_net=843&pf_srv=457&pf_tfr=1&pf_dm1=3178&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: analytics.fontke.com
URL: https://analytics.fontke.com/piwik.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.241.58.156 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx/1.14.2 / PHP/8.0.11

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://eng.m.fontke.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://eng.m.fontke.com
date: Sat, 24 Jun 2023 14:34:34 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-credentials: true
server: nginx/1.14.2
x-powered-by: PHP/8.0.11

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AF47
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHY4z2am9Bkj4jpGuar2Tio&google_cver=1&google_push=ATf1kGNcaXkmFtzB0Bn1H-097rrKzUT4SuvrJ5lPYws3wdSZuyWCellWMMuv2Yi_4tDA66Q4c_OCo5mkl9cB8CcZazdNjwCnREXuHYs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMwMzQ5MDc1MDMwNjIyMTAyMQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3OMDhljQteRNuktJF25mE&google_cver=1

43 B
398 B

24ms
23ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3OMDhljQteRNuktJF25mE&google_cver=1
Requested by: Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 24 Jun 2023 14:34:33 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP3OMDhljQteRNuktJF25mE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame AF47 0
104 B 174ms
26ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGXRxBApbLRhvx6cE6RtDPQ&google_cver=1&google_push=ATf1kGPLR7dUQftNiqYhqbmngsjw_iFclnCzbvQoqdIFkZ6e7qrbEq6V8o-rjJZfGbT8J9LMSW13oFRrQ2qfGJj8yIeoOlY4n5ykXRk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF47
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENHk0Nh2mZbAQE-H0sLb7y8&google_cver=1&google_push=ATf1kGPZ2pC_xHdy0lhpN92dQTYE1ozkwq4Kl1BkEbXHEuwUJkXW2zSMSxjWJUNhx0FVR_Q3QfKQy4x82bTQ3ilp7M_lunBkzcnfJa0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=833A385E5C47428ABD117FE62CF9C01F&google_push=ATf1kGPZ2pC_xHdy0lhpN92dQTYE1ozkwq4Kl1BkEbXHEuwUJkXW2zSMSxjWJUNhx0FVR_Q3QfKQy4x82bTQ3il...

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=833A385E5C47428ABD117FE62CF9C01F&google_push=ATf1kGPZ2pC_xHdy0lhpN92dQTYE1ozkwq4Kl1BkEbXHEuwUJkXW2zSMSxjWJUNhx0FVR_Q3QfKQy4x82bTQ3ilp7M_lunBkzcnfJa0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 24 Jun 2023 14:34:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=833A385E5C47428ABD117FE62CF9C01F&google_push=ATf1kGPZ2pC_xHdy0lhpN92dQTYE1ozkwq4Kl1BkEbXHEuwUJkXW2zSMSxjWJUNhx0FVR_Q3QfKQy4x82bTQ3ilp7M_lunBkzcnfJa0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 23 Jun 2023 14:34:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF47
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxwFSo9G...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE3MDE2ODIxOTA2MTg4MTQyNg&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxwFSo...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE3MDE2ODIxOTA2MTg4MTQyNg&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxwFSo9GjKCdDqCuN6qqsMAN0lakaCE

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE3MDE2ODIxOTA2MTg4MTQyNg&google_push=ATf1kGMgh7U-dSfgTCENVWHuFMZJfqQeVxJAQCoS1hLh192rKQGPDi3x6tu3ab9480gT-ODBmxwFSo9GjKCdDqCuN6qqsMAN0lakaCE
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame AF47 42 B
213 B 157ms
17ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIjyyDuiioWIyjL5rYv_M1k&google_push=ATf1kGNZOQG5Bhe3NvuWv8_yrIfKrghGYknSOpXrRE9hdjbR-hRc98Kl6nQUQseUpv2OZZjFbSs8pyoJOiooTRELn6CRjOfgkFErXFQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:34 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF47
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3vhlLt...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHTSl_YbiaRKzouWI4Ntdvg&google_cver=1&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY3NTgyMzI1MjI0NjY3NDg0MQ&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3vhl...

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY3NTgyMzI1MjI0NjY3NDg0MQ&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3vhlLtMP0x5edjTjBTmVn8mF4dono

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY3NTgyMzI1MjI0NjY3NDg0MQ&google_push=ATf1kGNsf9GVqtQhNw9yEbeXXBDIPl5A35rBZWjC57W1wAKFEtlBQzEPT1NsRuafpHZrw9FqoR3vhlLtMP0x5edjTjBTmVn8mF4dono
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame AF47 43 B
297 B 172ms
25ms Image
image/gif 2a05:d01c:1d8:8101:7a17:40a9:5794:5e61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEakfF1TKrJeF6dclVRcf3s&google_cver=1&google_push=ATf1kGOg7UaQqHy2Q7NUOlEBKpPCjbE4BBr4rZVY3xlhkz4cV_Kfp_RUcUhHPo4WNhkiTjmwL2hKygQvEPl6F4roi3hfdZwq4iRX3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:7a17:40a9:5794:5e61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AF47 0
12 B 25ms
15ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaMs06m8Ggd9e2BzLRqS0HOjmfrEobjpFM7WLMD20MxX3rXBzhE05iLTekzSZD20AINmh3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5930385669586631&output=html&h=280&adk=2922691850&adf=1056458448&pi=t.aa~a.3748245283~rp.4&w=720&fwrn=4&fwrnh=100&lmt=1687617272&rafmt=1&to=qs&pwprc=1600519114&format=720x280&url=https%3A%2F%2Feng.m.fontke.com%2Ffont%2F110098506%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687617272946&bpp=1&bdt=2737&idt=-M&shv=r20230620&mjsv=m202306160901&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbc7436550e547aee-2216829ef9e10070%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A&gpic=UID%3D00000c677ab607e3%3AT%3D1687617272%3ART%3D1687617272%3AS%3DALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg&prev_fmts=0x0%2C720x280&nras=3&correlator=6453833897250&frm=20&pv=1&ga_vid=950778989.1687617272&ga_sid=1687617272&ga_hid=698342560&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=440&ady=1678&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31075465%2C44788441&oid=2&pvsid=2143806119293741&tmod=42108584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=QoYIPLjeXd&p=https%3A//eng.m.fontke.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame AB4F 37 KB
14 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 22:09:35 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3C4A 23 KB
9 KB 9ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 22:16:15 GMT
expires: Sat, 22 Jun 2024 22:16:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C4A 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3 206 file.mp4
r1---sn-4g5ednsr.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B48A 307 KB
0 21ms
8ms Media
video/mp4 2a00:1450:401e:28::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401e:28::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 24 Jun 2023 14:34:34 GMT
date: Sat, 24 Jun 2023 14:34:34 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2888871/2888872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2888872
last-modified: Wed, 28 Sep 2022 05:26:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C4A 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_4ZS-f6WZL7VMZ-bxgK4rozQDwAAAAA4AeAEAg&bg=!YGOlYzfNAAYQ3eRoMN07ADkAdvg8WoQEq4Qr4n1xEtKUfhb05QvjwZm14HDgePUv-qUgfIxyjfX74IVDA-wSPRVwDmt1hHJmRRUCAAAAjVIAAAADaAEHmQLILdy8Nhpe9PqURjYcJ8Py958Vd6VzyjZmxVO_hzMELmNaBOEXHVb4-0gKF3VCrSYTVpZSqop-V2MkkeZaEmsufH4rsq3cqEjq3O_Ot434bAzw42Buf-0IKKkHBmSJ8RX_JgihANou0hszWBTbyS9RZOXz5Kj6OjRoloQCwz0ftaKWDtD4063p16DTIH8sQBFoXs-0QLkiEMlxk-Se5aqwEPBHWVWb1Syy744ruAwxkq70sBDdvIe4anTiZEYb3EBCEoQVdimOPwaeolOCVlyY5lEQTFjDO6zyC0wi_JGSO3E_7SDvL2gn-nW1-JhyuqYE1BDeiLKoLS5ydwaQhFWYxqiGT2xTbUhXvxYhb9Rk9OQay85m1OQD6BeODU9E6x1zLQA4CIgQyL_FTFiv_FoEoYD1o6nIPos-XhDLd0zVo765DvbXV7gM4EvTbk8H2Fm05qGaRWkd6jiSrgUSRyhH2c_ZfplPrtFnakiG5tNxRRRYCfbfyXzVadR9mk3WRjc1luaCaRRgZ8CcNfJoDGwujjmyyRu1xWha1LqdP4MO61HcCnvIuzPKuN6Q8lhTtGHxfut-R5XdcwO23fSvK1LyePx8LHakkBGaQukeQFwkvOwx9p-uuPRwqN4iR2Z8goYrZvyMPd3RUftoVKI2GPBUTu0xoQWg1Prw-uINwPxbcN-h_jEFYzVyoVag75diPN7cK4765XDhyvlgxiVRefRyLCbeGBdoRuG-rzMjjQl1CUR9jXqu-en_7Zwpo7rp7d_k6lPkcuZj0AI13zt3-_K5PNrNjddycTj4Y8FXvSs-yXJjh6xJo87MtcCMrhDxj7VQFdDC0gXYB1alqY5SPb3B1wyS5GsCxqviD2DTKJ-mvVya1h3DVRKTJRBO1pnfHMjfDVQ5yY-44OdRTR45vaJAe8hOP5ARedj0L38v_DyZhliwwfIT73k7jw

Requested by

Host: eng.m.fontke.com
URL: https://eng.m.fontke.com/font/110098506/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9209 42 B
64 B 68ms
51ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVHq2SCuUzLQpNwJgoETZstLuqzYb_ibMEa4sE7hAhAMzYk_F3SV0hLPCs58-C7mVtyzcVV-giZNqZAoWRD_UZRnyOk1vh5Nk1NRSyaZ0bwC6rsKLJGTTxF5ZjpmTd4h3Kzk0WlesG_Ibg&sai=AMfl-YQZ9KvDVIgDhyhw_7kMO2DfugFLUoaxM3ko8yDoAST8ZvO5Xj5uYQv_hHaXrrTHERsfJ0_2lNAlu3oT&sig=Cg0ArKJSzI71kHMxaAdREAE&cid=CAQSGwBygQiDMmpQZ-XNDOKp4zx9zsWrjEPuxKoGgRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=88,736,1000,1013,1013&tos=88,648,264,13,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687617273045&rpt=361&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4A20 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNbrmXyIt9BGGbyMrIPaqcAV96zlDxtFs2S4QP2aFIhcrs0u5-o7G4t7XEhQHcIiKzwvU4JfEudWfjPANu0vBrEWqjARjT7-NSvfsnd7ScVKWFfPB51MAZPGxgwGWgh6XnCyW___RI33vP&sai=AMfl-YT2OQGAxrkIJ-ncyOawJWEYesLdYp_n35Zh-SpbWmwY3YqKMhACxFdInCsYPMo6-bQZA9qAzOdjV6Vb&sig=Cg0ArKJSzMgHaDVMs7TBEAE&cid=CAQSGwBygQiDj1tATrwdsdYqzZEsKdf-h1P0vmUSpBgB&id=lidar2&mcvt=1000&p=0,0,280,720&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2922691850&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687617272216&rpt=1464&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B48A 0
54 B 236ms
235ms Ping
image/gif 2800:3f0:4005:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lja3r2gt&c=4092498889972&slotId=2046249444986&qqid=CMLPz6CQ3P8CFXMArQYdaHwASA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=799&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.qt&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4005:406::2003 , Argentina, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 14:34:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 60ms
60ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230620&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bb7df0714086f20e351f542cd4c4e591010ab9ad6abd921ad0748da9ce72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11262
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 14:34:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E039 13 KB
5 KB 9ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 07:18:31 GMT
expires: Sun, 23 Jun 2024 07:18:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 38DB 783 B
535 B 20ms
20ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

963e5ccaf6b03104be9c7e7781bca4a6a3d86d0a30bf27758d4808874f835a9c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B6A5ELCXDFgvU-ELwT-qFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eng.m.fontke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-B6A5ELCXDFgvU-ELwT-qFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 14:34:35 GMT
expires: Sat, 24 Jun 2023 14:34:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame E039 37 KB
14 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 145500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jun 2024 22:09:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 38DB 0
0 43ms
43ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230620&jk=2143806119293741&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E039 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5mA3wA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:34:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
46ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230620&jk=2143806119293741&bg=!OTqlOm7NAAYQ3eRoMN07ADkAdvg8WhEeDd37zAu1KQohR4vOLfs7ZLTLsWANC2_N8HHZgmJWv_TtiO7-kzwogzLV8OzLgjxAjMQCAAAAV1IAAAAEaAEHCgA7Zy3KCfDEQ81X-DEwoNWPyiI_mSLUtc9ufEselieZIZvXE4QwVsv15P0S4kLrmu20q_0FpT0ZdFgUX_GZApvE9tv2mnwBQpeOsZTrIDf4R-1rgsnVPSmwGJU9AadqRg1VPjn03GeO2980BVm-upkLst0pzLRGKXmHF6H3gnHFNQ4s9UjQPetKjJStbFM1ei_wa3q-iqZfQL96XZ0juCA06ACyZDJKiJLPGqLTqdfs_rZUjbg84p0CHyOOGC62MYyS81qQumihqpnlsAOV281hLHsMOjIpHA4nOfeassGLzUsy7MpnfSR4Y7Xk-6dNVejKQwzlkMOCjTnNMzpmOWRpetl_vD-N_KmnGfMONUd-3IAnEdQ_u-Xo_1gdIAQyKDEV3XZX_1ZeF91JXUIUjBarilU1aFZhJ3MWaQeKpf4O8Ehu_2QNh8LNBTkVyYgl-lzJS_Y_0kluxYsbiCt7rwn2TtwBO5tAo1nC_XsnQ3UN3LWQmXfI5LCVX1SL_7DVGLvEiGV8Z_3LaRGM1wdD3H-GMtMwm8zgnce-J0tss1_1swPqQoVQVUHd8XcokNViCMYPoIgCPJtvKgCf3TZgtE5D_ilV0Fs00t-k3IORPbylj_rKOGXvBwOKmVkXO5rlDeLolerVECcEd4zKLXbV_fFvUtr7CDwul23X3Gqxbo_lgqj0PB_c_2z0z24oDp4sff4ch7VlSU9yULS-QmA0kBMkA4JYNU7oCY5jLqV0_ked-x9R3rGRpJaaneJJzung2mGu96wYP6jncr3exlIsN8Ye3EzKBO9L3iKHGJ-lsKvE2qWagn3gvFJO6oH93FpQylETZjeRuBdfFkGz9rgOPUoGu5k0KSzhJuY_XlKy1InRVSaRSDLqZMyEBwMctX9n_7EIIWnKiFzPSebCoTtwZJEGc2k2Heh_fcV2i86ZZdJehKrstprHrF-1_i9Jsl_BeDP9Pw0kCTOe9LkK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eng.m.fontke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: statics.fontke.com
URL: https://statics.fontke.com/fontke/js/locale/eng.js?_=1687617271866

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fontke.com/	1970-01-20 22:22:57	Name: fontke Value: 78177o2u5sjommdh0u3icrr0v6
.fontke.com/	1970-01-20 22:08:33	Name: __gads Value: ID=bc7436550e547aee-2216829ef9e10070:T=1687617272:RT=1687617272:S=ALNI_MZ0kZ94F6lc_X9G-szwilbtM5Ji0A
.fontke.com/	1970-01-20 22:08:33	Name: __gpi Value: UID=00000c677ab607e3:T=1687617272:RT=1687617272:S=ALNI_MbQ6FtmM-hVc0VxaQeRkolXeVsZgg
.hm.baidu.com/	1970-01-20 22:22:57	Name: HMACCOUNT_BFESS Value: E24A1ADC98A2C13C
.doubleclick.net/	1970-01-20 12:47:00	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:08:33	Name: IDE Value: AHWqTUkyqfwDnjuf77vtkBCabk7UWvHgYcb63FkJDlIq5dmKhVDu1m75Eb7I8Ll96uU
.eng.m.fontke.com/	1970-01-20 21:32:33	Name: Hm_lvt_c0a79304a1f92d302cec782f23012101 Value: 1687617274
.eng.m.fontke.com/	1969-12-31 23:59:59	Name: Hm_lpvt_c0a79304a1f92d302cec782f23012101 Value: 1687617274
.bidswitch.net/	1970-01-20 21:32:33	Name: tuuid Value: e998bcdf-3231-4c2e-b3d5-84a6fbc825de
.bidswitch.net/	1970-01-20 21:32:33	Name: c Value: 1687617273
.bidswitch.net/	1970-01-20 21:32:33	Name: tuuid_lu Value: 1687617273
eng.m.fontke.com/	1970-01-20 22:12:52	Name: _pk_id.6.e3f0 Value: 7380d9864db6fba3.1687617274.
eng.m.fontke.com/	1970-01-20 12:46:59	Name: _pk_ses.6.e3f0 Value: 1
.mathtag.com/	1970-01-20 13:30:09	Name: mt_mop Value: 4:1687617273
.bidswitch.net/	1970-01-20 12:46:57	Name: google_push Value: ATf1kGNua6DJIeRaSmO0-CIcKq--obhae3amNxTiFMFwm7u0MZ__12GNDilywZgBj8BhWZObwaqXPuEp_Vbt_awu-iV7wC6kzSWoTKH42PXFNZx9UYH-P7XwnWLWjOq1e2lfSkf7kg55ixu16sbwKjniZcJxxXE
.simpli.fi/	1970-01-20 21:33:59	Name: suid Value: 833A385E5C47428ABD117FE62CF9C01F
.turn.com/	1970-01-20 17:06:09	Name: uid Value: 4303490750306221021
.adform.net/	1970-01-20 13:30:09	Name: C Value: 1
.innovid.com/	1970-01-20 14:56:33	Name: uuid Value: 1ae3e3fc-fb8d-4a9b-8b6b-d35762491354-20230624 10:34:34
.adform.net/	1970-01-20 14:13:21	Name: uid Value: 7601647055369780887
.tribalfusion.com/	1970-01-20 14:56:33	Name: ANON_ID Value: aIntmIqkaHaBykt9Zbxa51MHkYdSjM7pb78wFyqTbuelfy9vphpZcWQei3ODHHeC3NLrvHlwXGeG4TEO1L3eZcDCs7o

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://eng.m.fontke.com/font/110098506/(Line 269) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://eng.m.fontke.com/font/110098506/(Line 269) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://eng.m.fontke.com/font/110098506/ Message: Access to XMLHttpRequest at 'https://statics.fontke.com/fontke/js/locale/eng.js?_=1687617271866' (redirected from 'https://eng.m.fontke.com/statics/fontke/js/locale/eng.js?_=1687617271866') from origin 'https://eng.m.fontke.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://statics.fontke.com/fontke/js/locale/eng.js?_=1687617271866 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-5930385669586631&fa=1&ifi=6&uci=a!6&btvi=3&xpc=4zVdRv8Dmu&p=https%3A//eng.m.fontke.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
ag.innovid.com
analytics.fontke.com
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
eng.m.fontke.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
hm.baidu.com
imasdk.googleapis.com
lf1-cdn-tos.bytegoofy.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
r1---sn-4g5ednsr.c.2mdn.net
s.ssl.qhres2.com
s.tribalfusion.com
sp0.baidu.com
statics.fontke.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
zhanzhang.toutiao.com
zz.bdstatic.com
statics.fontke.com
103.235.46.191
103.235.46.40
104.75.89.75
142.250.185.194
163.181.92.232
178.250.1.9
185.29.134.244
2001:678:cb4:bbbb::11
2600:9000:20e1:9400:12:30a1:de00:93a1
2606:4700::6812:18ad
2800:3f0:4005:406::2003
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:401e:28::6
2a01:53c0:ff11::4
2a02:fa8:8806:20::2010
2a05:d01c:1d8:8101:7a17:40a9:5794:5e61
3.73.11.83
34.160.236.64
35.204.158.49
37.157.6.243
47.241.58.156
58.254.150.48
64.233.166.156
049203c1c42d177a09434a2a1a07f259303475006a9916a9a5c4c8b052b6a086
0686a6bff9672380f75167e49b9c722a5ad73ee84cc7faef75978cf8e35cd605
0789bed91c7534620c51c6f14fffd0a960bd9ab0c182725b1598992be162365d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
137bb7df0714086f20e351f542cd4c4e591010ab9ad6abd921ad0748da9ce72a
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
1475c5a7a25d438d9c7ebabec53d932f1221c0b7fdf6ebc339ded63dbae89a43
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19f2bfecf081cd585c9cafbb61a24c76136c0a171abc29f63f8f35307468b7e4
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52dc603e3fddcce89eef20ca023e3f408484214879596be24c48be4985967d37
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cc7dae5cf40732bdae422fda675031ed9e2cc5995101f8fbece5e26d7b34a4e
5cff36a2a26b6ec5f6837da6a07214e2a5488885e61d9d4b67ff1bee7c8b82fa
5dc62644682fef7efb55eb1b3a7c50281ddd7622c8cabf44148ffb65c618a963
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d3df6af93c8752a5f0f61aa62c20363db9ca566c87bb6408eb6bc8cadaabc0
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68cbc0f34608ab2831660cff88268c1cc860730f17e476ee3fd6ca78ca532ea8
76fe1175f0b9100429f6e06ee61f795e83c496c5700d0d897fb92137ccd31c54
79be140be45ac935e067d6560113f94dcc9e4d4c538202d4d65fe9c0cac0b0f7
7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d
7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6
7f7a4563a945f57c05734db4835005e87401c8fa28f353aa731e96fe6a97db00
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
83a3c8c5325c6c0582aae8eb93514278aec31f0f05c2f22683be89987d9988fb
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd
911ba95952432b7d77808816847bfa0cbea4ff8871b54d01c9f65b5490c6c100
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
963e5ccaf6b03104be9c7e7781bca4a6a3d86d0a30bf27758d4808874f835a9c
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa0f1681f77e96e090816439ed829543355a73325ad43d51304a5cd924a64778
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae2cd3476afe1a3a995da988d88ee63f5801c1a07bff33b1308537a95339046e
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b5a3abb41eac3a2dda441c9023fed26fc94b7454e9828baa761241b8be6b040b
be29ac64b5a39d12f877fe6370d7b28b5d42e0cbf9d499c8954374988e16e30e
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4b53d1d89e4415c2f439e196e576f89179caadef0745c3719f42251d124b937
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
db798b4e4c36b047bb6611c46e95e8dab6c1f0b73a0d3140f1f5438a8e971354
dcb4a46ac315fee8b6945674b16dcea27cbb6baef40d3b49ad5c0316f9ea6941
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d4f7add0ddf5087e7ef37e164d3b297d13127a24ec0efeae89ecab870b58a2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9fc69f6a9087016fb8f8084527c8839aac0e16a10957db2735f619ae854d00b
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

eng.m.fontke.com Open in urlscan Pro 47.241.58.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

140 Requests

91 %HTTPS

58 %IPv6

25 Domains

38 Subdomains

29 IPs

11 Countries

1541 kBTransfer

4285 kBSize

21 Cookies

4 Outgoing links

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

eng.m.fontke.com Open in urlscan Pro
47.241.58.156 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

91 %
HTTPS

58 %
IPv6

25
Domains

38
Subdomains

29
IPs

11
Countries

1541 kB
Transfer

4285 kB
Size

21
Cookies

140 HTTP transactions
6 data transactions