ztxhnpev.eu.portal.apportal.neptune.dns64.de
104.243.38.18 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/ 9mo old
Submission: On July 08 via api (July 8th 2025, 7:43:49 pm UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 71 domains to perform 178 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is ztxhnpev.eu.portal.apportal.neptune.dns64.de. 9mo old
TLS certificate: Issued by E5 on July 8th 2025. Valid for: 3mo.

This is the only time ztxhnpev.eu.portal.apportal.neptune.dns64.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	104.243.38.18 104.243.38.18	23470 (RELIABLESITE) (RELIABLESITE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:11c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1862	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	104.237.132.182 104.237.132.182	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:5c21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3031::ac43:80bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 4	2606:4700:303... 2606:4700:3033::6815:5adc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.65.211.77 159.65.211.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.194.198.116 54.194.198.116	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	141.95.98.64 141.95.98.64	16276 (OVH OVH SAS) (OVH OVH SAS)
3	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:ac7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.42.150.143 152.42.150.143	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:2638:3::39 2a02:2638:3::39	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	35.207.179.213 35.207.179.213	15169 (GOOGLE) (GOOGLE)
1	143.244.197.139 143.244.197.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.71.170.66 35.71.170.66	16509 (AMAZON-02) (AMAZON-02)
4	52.18.217.151 52.18.217.151	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.1.1.166 34.1.1.166	15169 (GOOGLE) (GOOGLE)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	89.149.192.65 89.149.192.65	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
1	35.186.253.211 35.186.253.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
1	45.55.124.119 45.55.124.119	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	51.89.9.254 51.89.9.254	16276 (OVH OVH SAS) (OVH OVH SAS)
1	34.36.200.111 34.36.200.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:10:... 2606:4700:10::ac43:b78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::28 2a02:2638:3::28	() ()
1	35.244.159.8 35.244.159.8	() ()
1	18.245.31.106 18.245.31.106	() ()
178	53

32 104.243.38.18 (Piscataway, United States) 1 redirects

ASN23470 (RELIABLESITE, US)

ztxhnpev.eu.portal.apportal.neptune.dns64.de 9mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:11c9 (None, )

ASN13335 (CLOUDFLARENET, US)

acscdn.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a06:98c1:3120::3 (None, )

ASN13335 (CLOUDFLARENET, US)

partner.senty.com.au 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700::6812:1862 (None, )

ASN13335 (CLOUDFLARENET, US)

youradexchange.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 104.237.132.182 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 104-237-132-182.ip.linodeusercontent.com

stats.senty.com.au 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3033::6815:5c21 (None, )

ASN13335 (CLOUDFLARENET, US)

usrpubtrk.com 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 2606:4700:3031::ac43:80bd (None, )

ASN13335 (CLOUDFLARENET, US)

fontgenerator.cc 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2606:4700::6811:180e (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700::6812:1e31 (None, )

ASN13335 (CLOUDFLARENET, US)

stpd.cloud 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:4700:3033::6815:5adc (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.tinyadz.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 159.65.211.77 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn4.buysellads.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.194.198.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-198-116.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:10::6816:445 (None, )

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
lb.eu-1-id5-sync.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2606:4700:20::681a:9a9 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::6816:ac7 (None, )

ASN13335 (CLOUDFLARENET, US)

ex.ingage.tech 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::6816:4ad8 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 152.42.150.143 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.buysellads.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:2638:3::39 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

bidder.criteo.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.207.179.213 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
PTR: 213.179.207.35.bc.googleusercontent.com

hb.yellowblue.io 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 143.244.197.139 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.servenobid.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.71.170.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com

direct.adsrvr.org 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 52.18.217.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-217-151.eu-west-1.compute.amazonaws.com

g2.gumgum.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.1.1.166 (Paris, France)

ASN15169 (GOOGLE, US)
PTR: 166.1.1.34.bc.googleusercontent.com

hb-api.omnitagjs.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
visitor.omnitagjs.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 89.149.192.65 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

prg.smartadserver.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.186.253.211 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 45.55.124.119 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.cootlogix.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com

ag.dns-finder.com 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:10::ac43:b78 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 130.211.23.194 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

962ef8b80316b2045427fd6e9236c970.safeframe.googlesyndication.com 9mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a02:2638:3::28 (None, )

ASN- ()

static.criteo.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.159.8 (None, )

ASN- ()

buysellads-d.openx.net 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.245.31.106 (None, )

ASN- ()

public.servenobid.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
32	dns64.de 1 redirects ztxhnpev.eu.portal.apportal.neptune.dns64.de 9mo old	490 KB
7	fontgenerator.cc fontgenerator.cc 7yr old	41 KB
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 395 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 416 2yr old	25 KB
5	criteo.com gum.criteo.com — Cisco Umbrella Rank: 494 9yr old bidder.criteo.com — Cisco Umbrella Rank: 1501 9yr old	8 KB
5	gstatic.com fonts.gstatic.com 9yr old t3.gstatic.com 9yr old	35 KB
5	senty.com.au partner.senty.com.au 1yr old stats.senty.com.au — Cisco Umbrella Rank: 650845 2yr old	7 KB
4	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1519 9yr old	985 B
4	btloader.com btloader.com — Cisco Umbrella Rank: 966 6yr old api.btloader.com — Cisco Umbrella Rank: 1163 5yr old	29 KB
4	tinyadz.com 1 redirects app.tinyadz.com — Cisco Umbrella Rank: 262263 1yr old	8 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 266 9yr old ad.doubleclick.net — Cisco Umbrella Rank: 183 9yr old	227 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74 56yr old	6 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 141 9yr old 962ef8b80316b2045427fd6e9236c970.safeframe.googlesyndication.com 9mo old	24 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 4438 8yr old	22 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 253 13yr old	95 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 78 56yr old	20 B
2	criteo.net static.criteo.net 13yr old	31 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1107 9yr old	736 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 793 11yr old	389 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 609 9yr old buysellads-d.openx.net 6yr old u.openx.net Failed 9yr old	294 B
2	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4561 9yr old visitor.omnitagjs.com 9yr old	632 B
2	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 3388 7yr old public.servenobid.com 6yr old	668 B
2	ingage.tech ex.ingage.tech — Cisco Umbrella Rank: 4123 6yr old	465 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 551 9yr old	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 322 13yr old	132 KB
2	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 55435 6yr old	142 KB
1	dns-finder.com ag.dns-finder.com — Cisco Umbrella Rank: 1234 1yr old	233 B
1	cootlogix.com exchange.cootlogix.com — Cisco Umbrella Rank: 5378 4yr old sync.cootlogix.com Failed 4yr old	439 B
1	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 4079 11yr old	1 KB
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1769 9yr old	441 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1044 8yr old	556 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 305 9yr old acdn.adnxs.com Failed 10yr old secure.adnxs.com Failed 9yr old	705 B
1	adsrvr.org direct.adsrvr.org — Cisco Umbrella Rank: 1197 8yr old match.adsrvr.org Failed 9yr old	420 B
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 1939 6yr old cs-server-s2s.yellowblue.io Failed 5yr old	444 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 31214 9yr old	114 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 997 4yr old	346 B
1	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2060 4yr old	275 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2452 5yr old	320 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1661 5yr old ssc-cms.33across.com Failed 9yr old	250 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 37378 9yr old	179 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65 56yr old	134 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5 56yr old	18 B
1	usrpubtrk.com usrpubtrk.com — Cisco Umbrella Rank: 19516 10mo old	630 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 22055 12yr old
1	acscdn.com acscdn.com — Cisco Umbrella Rank: 26726 6yr old	44 KB
0	adkernel.com Failed sync.adkernel.com Failed 9yr old
0	rubiconproject.com Failed eus.rubiconproject.com Failed 8yr old secure-assets.rubiconproject.com Failed 10yr old
0	audienceexposure.com Failed audienceexposure.com Failed 3yr old
0	aidemsrv.com Failed gum.aidemsrv.com Failed 3yr old
0	rlcdn.com Failed id.rlcdn.com Failed 9yr old
0	bttrack.com Failed bttrack.com Failed 12yr old
0	yieldmo.com Failed ads.yieldmo.com Failed 13yr old
0	a-mo.net Failed prebid.a-mo.net Failed 6yr old
0	casalemedia.com Failed ssum-sec.casalemedia.com Failed 12yr old
0	postrelease.com Failed jadserve.postrelease.com Failed 9yr old
0	copper6.com Failed csync.copper6.com Failed 2yr old
0	smxconv.com Failed usync.smxconv.com Failed 2yr old
0	bid.com Failed rtb.bid.com Failed
0	contextualadv.com Failed sync.contextualadv.com Failed 1yr old
0	lijit.com Failed ap.lijit.com Failed 9yr old
0	stackadapt.com Failed sync.srv.stackadapt.com Failed 10yr old
0	trustedstack.com Failed hb.trustedstack.com Failed 3yr old
0	loopme.me Failed csync.loopme.me Failed 8yr old
0	3lift.com Failed eb2.3lift.com Failed 9yr old
0	zemanta.com Failed b1sync.zemanta.com Failed 9yr old
0	sharethrough.com Failed match.sharethrough.com Failed 9yr old
0	pubmatic.com Failed image8.pubmatic.com Failed 8yr old
0	bidswitch.net Failed x.bidswitch.net Failed 13yr old
0	richaudience.com Failed sync.richaudience.com Failed 8yr old
0	1rx.io Failed sync.1rx.io Failed 9yr old
0	spot.im Failed api-ssp.spot.im Failed 1yr old
0	creativecdn.com Failed creativecdn.com Failed 13yr old
178	71

	Domain	Requested by
32	ztxhnpev.eu.portal.apportal.neptune.dns64.de	1 redirects ztxhnpev.eu.portal.apportal.neptune.dns64.de
7	fontgenerator.cc	partner.senty.com.au fontgenerator.cc
4	g2.gumgum.com	cdn4.buysellads.net
4	gum.criteo.com	stpd.cloud static.criteo.net gum.criteo.com
4	app.tinyadz.com	1 redirects fontgenerator.cc app.tinyadz.com
4	stats.senty.com.au	partner.senty.com.au stats.senty.com.au fontgenerator.cc
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	ztxhnpev.eu.portal.apportal.neptune.dns64.de fontgenerator.cc
3	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
3	script.4dex.io	stpd.cloud cdn4.buysellads.net script.4dex.io
3	securepubads.g.doubleclick.net	fontgenerator.cc securepubads.g.doubleclick.net
3	cdnjs.cloudflare.com	fontgenerator.cc
3	www.google-analytics.com	ztxhnpev.eu.portal.apportal.neptune.dns64.de cdn.jsdelivr.net
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
2	api.btloader.com	btloader.com
2	ad-delivery.net	fontgenerator.cc
2	onetag-sys.com	cdn4.buysellads.net visitor.omnitagjs.com
2	btloader.com	cdn4.buysellads.net btloader.com
2	ex.ingage.tech	cdn4.buysellads.net
2	id5-sync.com	stpd.cloud
2	cdn.jsdelivr.net	stpd.cloud ztxhnpev.eu.portal.apportal.neptune.dns64.de
2	stpd.cloud	fontgenerator.cc
1	public.servenobid.com	cdn4.buysellads.net
1	buysellads-d.openx.net	cdn4.buysellads.net
1	visitor.omnitagjs.com	cdn4.buysellads.net
1	962ef8b80316b2045427fd6e9236c970.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ad.doubleclick.net	fontgenerator.cc
1	ag.dns-finder.com	btloader.com
1	exchange.cootlogix.com	cdn4.buysellads.net
1	apex.go.sonobi.com	cdn4.buysellads.net
1	rtb.openx.net	cdn4.buysellads.net
1	prg.smartadserver.com	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	ib.adnxs.com	cdn4.buysellads.net
1	direct.adsrvr.org	cdn4.buysellads.net
1	ads.servenobid.com	cdn4.buysellads.net
1	hb.yellowblue.io	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	lb.eu-1-id5-sync.com	stpd.cloud
1	id.hadron.ad.gt	stpd.cloud
1	id.crwdcntrl.net	stpd.cloud
1	lexicon.33across.com	stpd.cloud
1	cdn4.buysellads.net	fontgenerator.cc
1	www.googletagmanager.com	fontgenerator.cc
1	t3.gstatic.com	ztxhnpev.eu.portal.apportal.neptune.dns64.de
1	www.google.com	1 redirects
1	usrpubtrk.com	acscdn.com
1	youradexchange.com	acscdn.com
1	partner.senty.com.au	ztxhnpev.eu.portal.apportal.neptune.dns64.de
1	acscdn.com	ztxhnpev.eu.portal.apportal.neptune.dns64.de
0	sync.adkernel.com Failed	visitor.omnitagjs.com
0	secure-assets.rubiconproject.com Failed	visitor.omnitagjs.com
0	ssc-cms.33across.com Failed	visitor.omnitagjs.com
0	eus.rubiconproject.com Failed	visitor.omnitagjs.com
0	cs-server-s2s.yellowblue.io Failed	visitor.omnitagjs.com
0	audienceexposure.com Failed	visitor.omnitagjs.com
0	gum.aidemsrv.com Failed	visitor.omnitagjs.com
0	id.rlcdn.com Failed	visitor.omnitagjs.com
0	bttrack.com Failed	visitor.omnitagjs.com
0	ads.yieldmo.com Failed	visitor.omnitagjs.com
0	prebid.a-mo.net Failed	visitor.omnitagjs.com
0	ssum-sec.casalemedia.com Failed	visitor.omnitagjs.com
0	u.openx.net Failed	visitor.omnitagjs.com
0	jadserve.postrelease.com Failed	visitor.omnitagjs.com
0	csync.copper6.com Failed	visitor.omnitagjs.com
0	usync.smxconv.com Failed	visitor.omnitagjs.com
0	rtb.bid.com Failed	visitor.omnitagjs.com
0	sync.contextualadv.com Failed	visitor.omnitagjs.com
0	ap.lijit.com Failed	visitor.omnitagjs.com
0	sync.srv.stackadapt.com Failed	visitor.omnitagjs.com
0	hb.trustedstack.com Failed	visitor.omnitagjs.com
0	csync.loopme.me Failed	visitor.omnitagjs.com
0	eb2.3lift.com Failed	visitor.omnitagjs.com
0	b1sync.zemanta.com Failed	visitor.omnitagjs.com
0	match.sharethrough.com Failed	visitor.omnitagjs.com
0	image8.pubmatic.com Failed	visitor.omnitagjs.com
0	x.bidswitch.net Failed	visitor.omnitagjs.com
0	sync.richaudience.com Failed	visitor.omnitagjs.com
0	sync.1rx.io Failed	visitor.omnitagjs.com
0	api-ssp.spot.im Failed	visitor.omnitagjs.com
0	creativecdn.com Failed	visitor.omnitagjs.com
0	secure.adnxs.com Failed	visitor.omnitagjs.com
0	match.adsrvr.org Failed	visitor.omnitagjs.com
0	sync.cootlogix.com Failed	cdn4.buysellads.net
0	acdn.adnxs.com Failed	cdn4.buysellads.net
178	89

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
ztxhnpev.eu.portal.apportal.neptune.dns64.de E5	`2025-07-08` - `2025-10-06`	3mo	crt.sh
upload.video.google.com WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
acscdn.com WE1	`2025-05-13` - `2025-08-11`	3mo	crt.sh
partner.senty.com.au WE1	`2025-06-15` - `2025-09-13`	3mo	crt.sh
youradexchange.com WE1	`2025-06-01` - `2025-08-30`	3mo	crt.sh
*.gstatic.com WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
stats.senty.com.au E6	`2025-05-15` - `2025-08-13`	3mo	crt.sh
*.google-analytics.com WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
usrpubtrk.com WE1	`2025-06-16` - `2025-09-14`	3mo	crt.sh
fontgenerator.cc WE1	`2025-06-12` - `2025-09-10`	3mo	crt.sh
cdnjs.cloudflare.com WE1	`2025-05-22` - `2025-08-20`	3mo	crt.sh
stpd.cloud WE1	`2025-06-28` - `2025-09-26`	3mo	crt.sh
*.g.doubleclick.net WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
*.cdn4.buysellads.net E5	`2025-05-14` - `2025-08-12`	3mo	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-06-25` - `2025-09-25`	3mo	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2025 Q2	`2025-06-02` - `2026-07-04`	1yr	crt.sh
lexicon.33across.com WR3	`2025-06-17` - `2025-09-15`	3mo	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2024-09-08` - `2025-10-08`	1yr	crt.sh
id.hadron.ad.gt WE1	`2025-05-14` - `2025-08-12`	3mo	crt.sh
id5-sync.com E5	`2025-07-01` - `2025-09-29`	3mo	crt.sh
script.4dex.io WE1	`2025-05-16` - `2025-08-14`	3mo	crt.sh
tinyadz.com WE1	`2025-07-07` - `2025-10-05`	3mo	crt.sh
eu-1-id5-sync.com R11	`2025-07-01` - `2025-09-29`	3mo	crt.sh
*.ingage.tech Sectigo RSA Organization Validation Secure Server CA	`2024-08-01` - `2025-08-11`	1yr	crt.sh
btloader.com WE1	`2025-06-01` - `2025-08-30`	3mo	crt.sh
*.buysellads.com E5	`2025-05-14` - `2025-08-12`	3mo	crt.sh
*.yellowblue.io WR3	`2025-06-30` - `2025-09-28`	3mo	crt.sh
ads.servenobid.com R11	`2025-05-27` - `2025-08-25`	3mo	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	1yr	crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M04	`2025-06-03` - `2026-07-02`	1yr	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2025-02-21` - `2026-03-23`	1yr	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	1yr	crt.sh
prebid.media.net WR3	`2025-05-22` - `2025-08-21`	3mo	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-09` - `2026-02-09`	1yr	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	1yr	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2024-12-06` - `2026-01-07`	1yr	crt.sh
*.cootlogix.com Starfield Secure Certificate Authority - G2	`2024-10-13` - `2025-10-13`	1yr	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2025-01-21` - `2025-12-27`	1yr	crt.sh
dns-finder.com WR3	`2025-05-12` - `2025-08-10`	3mo	crt.sh
ad-delivery.net WE1	`2025-07-04` - `2025-10-02`	3mo	crt.sh
*.doubleclick.net WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
api.btloader.com WR3	`2025-05-27` - `2025-08-25`	3mo	crt.sh
adtrafficquality.google WE2	`2025-06-23` - `2025-09-15`	3mo	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-06-12` - `2025-09-04`	3mo	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2024-11-07` - `2025-12-06`	1yr	crt.sh

This page contains 26 frames:

Primary Page: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Frame ID: 0EC0EF7E059D5ADC32A24DFA06FDA621
Requests: 36 HTTP requests in this frame

Frame: https://fontgenerator.cc/embed
Frame ID: D39A3C3F6221976BF15E854D505D4A31
Requests: 67 HTTP requests in this frame

Frame: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/
Frame ID: C8B4FF9888F8F00F7173ED97FE01DCF3
Requests: 13 HTTP requests in this frame

Frame: https://btloader.com/trustedIframe.html?o=5102648370397184&tid=MG2Mz9j1-YFY0mLlJ-97eb90e995&upapi=true
Frame ID: 130A43165B5D9DBB94BC484C773D4699
Requests: 1 HTTP requests in this frame

Frame: https://962ef8b80316b2045427fd6e9236c970.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1
Frame ID: 2080DF8722C515CEB2A81D15A3294384
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: A2B557041173E343AFF36155C2BF9A53
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ztxhnpev.eu.portal.apportal.neptune.dns64.de
Frame ID: 754749F0445E6649C81DED16BA3FAB7B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CB591C0BDE17FFBAA13CBB65C1A6EFE7
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: BD1720A52E5D2D5C539BC9E7ABAAB9C7
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Frame ID: DB25C914ADB6B2352488CC8A1D9C25B1
Requests: 35 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1752003832238
Frame ID: B8603D5B840882EDE231E1F3ED301C83
Requests: 1 HTTP requests in this frame

Frame: https://buysellads-d.openx.net/w/1.0/pd
Frame ID: 419DDAEFD8D5F26A95D9ABB1665B663A
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 0FF8B55893538AA0E35BB0C009D15F7C
Requests: 1 HTTP requests in this frame

Frame: https://gum.aidemsrv.com/ortb_sync?gdpr={GDPR}&consent={GDPR_CONSENT}&us_privacy={US_PRIVACY}&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DAIDEM%26ttl%3D720%26uid%3Db2f604635d0b9abde52139fc8a8034be%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 32A5FC493735D5433ACAA424FBE6BE17
Requests: 1 HTTP requests in this frame

Frame: https://audienceexposure.com/iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DBRAVE_IO%26ttl%3D720%26uid%3D1dd849eac6b255853660ea3ed55cb2b4%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: EFBC74F240BFD7EF37A7AC1AD7AF114D
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%7BpartnerId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: E00914DEEBB4BC4E2770CD6932D0908A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: F2388A8E4DB1B05B33D83B06E2A0A54F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 12C4732C2578DAB6D70685CE1D62B2EF
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: CDC15FFAA1BE426A77541BFA89190300
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: 85EF0346E993D447F8D237CEAF63937E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS_VIDEO%26ttl%3D720%26uid%3D0e36e8655c40248fb8d2e311b5db1153%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 5235C288BEFF4F0EC4A2E9083D08B80E
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_33ACROSS%26ttl%3D720%26uid%3D25492590fe216b332ae998485e25beb4%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: 54C2B62B0123410A1E6979829AA5DF36
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: 3E54616AD327A108F07A354605BDCB85
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=261976&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADSOLUT%26ttl%3D720%26uid%3D1914a28ad9f7cf23695694b8008de71e%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Frame ID: C885E83901F52579014B413046B3E442
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=
Frame ID: 6C16488DF57AC98440725F163719B1F4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&us_privacy=${US_PRIVACY}
Frame ID: D6487CBA8DE9F1A9A3292EE4AF83EB31
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shadow

Detected technologies

AppNexus (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

178
Requests

70 %
HTTPS

55 %
IPv6

71
Domains

89
Subdomains

53
IPs

7
Countries

1688 kB
Transfer

5823 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24 HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Request Chain 33

https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home HTTP 301
https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Request Chain 48

https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781 HTTP 301
https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781

178 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/ 23 KB
7 KB 587ms
90ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 08 Jul 2025 19:43:50 GMT
etag: W/"5de0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

GET
H2 200 autoblank.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 1 KB
646 B 101ms
99ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/autoblank.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"553-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 594
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 index.css
ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/ 12 KB
3 KB 95ms
94ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/index.css
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2e4a-196eb5befff"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2514
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 20 May 2025 01:43:13 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.css
ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/ 3 KB
809 B 97ms
95ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/themes.css
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
2 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Open+Sans:wght@400;700&display=swap

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84f796be2fbef3583823bc3bae446c8ce5aa1e5b407d74cc021c22137a9ba859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 19:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 08 Jul 2025 19:43:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
919 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&display=swap

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 19:43:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 08 Jul 2025 19:37:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 settings.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 4 KB
1 KB 95ms
95ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/settings.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1028-196bc7a5607"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 997
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 10 May 2025 23:14:16 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 debugger.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 1 KB
521 B 99ms
98ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/debugger.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"464-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 446
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 ana.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/ 390 KB
134 KB 149ms
149ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/ana.js

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43a3e372402bfb25769362c3bec3d499288057329987e4a56fecb909e116ec26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Tue, 08 Jul 2025 19:43:50 GMT
alt-svc: h3=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 136070
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 aclib.js Show response
acscdn.com/script/ 143 KB
44 KB 44ms
24ms Script
text/javascript 2606:4700::6812:11c9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://acscdn.com/script/aclib.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11c9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ea232bb2f4cf7d88071aea08c659f762ee01d0e0a1ed845db965d470d47396

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

x-goog-metageneration: 2
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=tgMNqg==, md5=/VUK1moNPhi6XqiKlBCgyw==
cf-cache-status: HIT
etag: W/"fd550ad66a0d3e18ba5ea88a9410a0cb"
age: 1140
content-encoding: gzip
x-goog-stored-content-encoding: identity
expires: Tue, 08 Jul 2025 20:43:50 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 146925
server-timing: cfExtPri
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript
last-modified: Thu, 03 Jul 2025 13:49:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-guploader-uploadid: ABgVH8-E4ZDxpEUlv2VnSbiVn8l09wMdgwi2OTK9ZYGU73tVwPrAtwjBb-D7XNjKZ2VYz-r52Akojj4
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c212a36d94d2ab-FRA
access-control-allow-origin: *
x-goog-generation: 1751550588457401
server: cloudflare

GET
H2 200 index.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/baremux/ 8 KB
3 KB 103ms
100ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/baremux/index.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2123-19420c19b61"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 3161
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 search.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 1004 B
486 B 101ms
99ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/search.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3ec-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 434
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 4 KB
1 KB 100ms
98ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/themes.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 options.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 4 KB
1 KB 95ms
93ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/options.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"e89-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1017
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.bundle.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/uv/ 370 KB
109 KB 108ms
106ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/uv/uv.bundle.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"5c6cc-1932310d24f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.config.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/uv/ 2 KB
904 B 99ms
97ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/uv/uv.config.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"710-197045adf12"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 830
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 24 May 2025 22:12:33 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 uv.sw.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/uv/ 7 KB
3 KB 106ms
104ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/uv/uv.sw.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"1d3b-1932310d26f"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2957
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 13 Nov 2024 01:08:45 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 tabs.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 15 KB
4 KB 106ms
104ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/tabs.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3a68-196cccf5594"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 14 May 2025 03:21:02 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 bookmarks.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 4 KB
1 KB 107ms
106ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/bookmarks.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f4b-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1252
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 partner.js Show response
partner.senty.com.au/ 8 KB
3 KB 108ms
82ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://partner.senty.com.au/partner.js

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15de36af5d8f15fbcec15399552be03a05cab1c61543b0232e7e2342e76494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6fe8ec292661e1e321c7790732cb8ece"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xu5WiKrut8sgQcyDAdEAIM3kHbYxJ31aTUUdSEVlUuFpoh02cIjt%2Bd1Qo3kcmvDaVor%2B3OiRVLGHZmOCClupeWd5kZq1LnmZ9%2FAJ0IvTOWPcB5z07XqL9qYGiJRG5xhLgXuDkhohbCQQne%2BHhGPVkiX5Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfExtPri
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: application/javascript
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 95c212a3fc2bdcb8-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 settings_manager.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 4 KB
937 B 170ms
168ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/settings_manager.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/settings.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 885
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 204 czcf.php
youradexchange.com/ad/ 0
0 161ms
131ms Fetch 2606:4700::6812:1862
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://youradexchange.com/ad/czcf.php?cz=hfjbzu6ztb&atv=62.4&chmob=%3F0
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1862 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-ray: 95c212a4493f1808-FRA
access-control-allow-origin: *
date: Tue, 08 Jul 2025 19:43:50 GMT
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ 8 KB
8 KB 26ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://fonts.googleapis.com/

Response headers

age: 42363
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 07:57:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 07:57:47 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ 3 KB
2 KB 396ms
129ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Tue, 08 Jul 2025 19:43:51 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 history_helper.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ 4 KB
1 KB 91ms
90ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/history_helper.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/tabs.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"ff4-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 960
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 index.mjs Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/baremux/ 8 KB
3 KB 92ms
91ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/baremux/index.mjs
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/tabs.js

Response headers

cache-control: public, max-age=0
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"2019-19420c19b79"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 3022
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 Jan 2025 07:25:46 GMT
vary: Accept-Encoding
x-powered-by: Express

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 42ms
14ms Fetch
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5770v9138172222za204&_p=1752003830385&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104885889~104885891~104908321~104908323&cid=1331013189.1752003831&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1752003830&sct=1&seg=0&dl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&dt=Shadow&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1029
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 hb.php
usrpubtrk.com/ut/ 0
630 B 163ms
141ms Ping
text/plain 2606:4700:3033::6815:5c21
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://usrpubtrk.com/ut/hb.php?cb=0.5960783177647383&v=1
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/aclib.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5c21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCdW5BtFscDAJ6g0HERPdlq5UqW94Q2cU2dF3iXs0lgY7XEaidO%2FuNo2XcG6q9H9dIHJlUSKkQXk9lcmIcmZzt%2BcFP5cXpIqiw0azODV4KlWbpSL64PuXNvG92NlzC88RE9BYVPn0M0c3ll1"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 95c212a629e168a5-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6206&min_rtt=5962&rtt_var=985&sent=10&recv=12&lost=0&retrans=0&sent_bytes=3649&recv_bytes=4308&delivery_rate=1368346&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15474&unsent_bytes=0&cid=5e6f79a1a680f640&ts=142&inflight_dur=45&x=103"
date: Tue, 08 Jul 2025 19:43:50 GMT
server: cloudflare

GET worker.js
ztxhnpev.eu.portal.apportal.neptune.dns64.de/baremux/ 0
0

GET
H2 200 broken-sites Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/v1/api/ 94 B
175 B 90ms
89ms Fetch
application/json 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/v1/api/broken-sites
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/tabs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 0896cbd7d00a2469720e8bdb0e03bf120e45ee46dd5e33f974579189fd31dfd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cross-origin-opener-policy: same-origin
etag: W/"5e-I1o6FJgyhlu511Hh/ajuRttYMxE"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 94
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express

GET
H3 200 embed Show response
fontgenerator.cc/ Frame D39A 10 KB
5 KB 838ms
816ms Document
text/html 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/embed

Requested by

Host: partner.senty.com.au
URL: https://partner.senty.com.au/partner.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 95c212a6add7d37e-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 08 Jul 2025 19:43:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdE7pfVruDy9uBMtXZDDIHQesITgZktncXex3fWOgSh6o2MyW3hO9vI5TAcncJmRq0%2BaUGVdpgKAM3L4lTYv01YKDPA2FlG5BEK6Qvnj%2FJWTSx%2BevOb1EMrsQeah0vGRbUWyQtm6Bg3GucQTXOXY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6270&min_rtt=5941&rtt_var=1099&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3703&recv_bytes=3349&delivery_rate=1512926&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15482&unsent_bytes=0&cid=1fc9ef9ba69d80de&ts=820&inflight_dur=46&x=103"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

404

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons/imgs/icons?domain=bnalk&sz=24
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

726 B
917 B

52ms
17ms

Image
image/png

2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Protocol

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
date: Tue, 08 Jul 2025 19:43:50 GMT
x-xss-protection: 0
content-type: image/png
server: sffe

Redirect headers

cache-control: public, max-age=1800
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 20:13:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
date: Tue, 08 Jul 2025 19:43:50 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

POST
H2 202 event Show response
stats.senty.com.au/api/ 2 B
220 B 386ms
129ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

x-request-id: GFBeM8CWKqIjAI0MWaPh
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H2 200 home.html Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/pages/ Frame C8B4 47 B
194 B 89ms
89ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/pages/home.html
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/tabs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329

Request headers

Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=3600, must-revalidate public, max-age=604800
content-length: 47
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 08 Jul 2025 19:43:51 GMT
etag: W/"2f-1924f22eefb"
last-modified: Wed, 02 Oct 2024 21:29:02 GMT
via: 1.1 Caddy
x-powered-by: Express

GET
H2

200

/ Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/ Frame C8B4
Redirect Chain

https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home
https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

976 B
629 B

90ms
90ms

Document
text/html

104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/pages/home.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6

Request headers

Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/pages/home.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=604800
content-encoding: gzip
content-length: 555
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Tue, 08 Jul 2025 19:43:51 GMT
etag: W/"3d0-196ee8b91bb"
last-modified: Tue, 20 May 2025 16:34:06 GMT
vary: Accept-Encoding
via: 1.1 Caddy
x-powered-by: Express

Redirect headers

alt-svc: h3=":443"; ma=2592000
content-length: 154
content-security-policy: default-src 'none'
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin
date: Tue, 08 Jul 2025 19:43:51 GMT
location: /home/
via: 1.1 Caddy
x-content-type-options: nosniff
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame D39A 8 KB
2 KB 41ms
13ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8e3783dafaec68331904ad2dcec69ba0e18c55290155020a063afe70938220a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 19:43:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 08 Jul 2025 19:43:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame D39A 368 KB
36 KB 59ms
46ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-8cd9"
age: 435087
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGlhuWS211YTYI59EpSt25FimlE4pMsTb3x57wpF54SPr4MLJ0l7j2Lti6YC%2FIZAfzYZheN%2BXETfhjANEopUlk%2FQgk1LTcXkQ4Ye6CTVIj0n9dNBWhS%2B34GiYo6wIk2dpCxbu5MRmrtsIkYQUz7kbUCx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Jun 2026 19:43:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c212abd9c24db3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36057
server: cloudflare

GET
H3 200 style.css
fontgenerator.cc/ Frame D39A 14 KB
4 KB 23ms
21ms Stylesheet
text/css 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/style.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "68102ad2-3910"
age: 3637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8Kry%2F6Vtv0eKxyN3eFsIVv2ZVlbQe2uN8pcdQ8w7iP9B2Ys09YkmbkLhay%2BzqDslfgJxeYZR6e1FY7y6qgbASoQErr1dRkcxzLOQ0ouaHW5Sa9sHV8XpXawCQQR5NPW%2FTsmWzbwWsaa8fJ9LuXK"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6259&min_rtt=5941&rtt_var=500&sent=32&recv=19&lost=0&retrans=0&sent_bytes=23061&recv_bytes=5097&delivery_rate=3951141&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20686&unsent_bytes=0&cid=1fc9ef9ba69d80de&ts=844&inflight_dur=61&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/css
last-modified: Tue, 29 Apr 2025 01:26:42 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c212abce9bd37e-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 toastr.min.css
fontgenerator.cc/ Frame D39A 7 KB
4 KB 25ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/toastr.min.css

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1a55"
age: 3637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfXd%2FtKc4wTtrQReGq60ZSXVzFC16dg0ETxZ9MGJRjqdPLC6GP1vM%2FH7keaThfc%2BSB2YbbtmTaMMYIehdlfhsdZuyi9xLyfTC2oBpGMdPW8yIsTF7v4rUxoDcVsVNgumPIfG%2B%2B9f4c6UJrAFV418"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6259&min_rtt=5941&rtt_var=500&sent=38&recv=19&lost=0&retrans=0&sent_bytes=29639&recv_bytes=5097&delivery_rate=3951141&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20686&unsent_bytes=0&cid=1fc9ef9ba69d80de&ts=848&inflight_dur=62&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/css
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c212abce9ad37e-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inview.min.js Show response
stpd.cloud/assets/libraries/ Frame D39A 5 KB
3 KB 48ms
17ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://stpd.cloud/assets/libraries/inview.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"23df7c2f5fe3a534a7299c9c9e923fa9"
age: 4306
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hEaEMJ5UWyUciGz5l%2BACmGeoRzXgqYPWrk0OCXT%2BqqZy4POGrgHdZhe7ZvogMRSzHWZjK%2FDOcN8IeFs7ZegTidvJHM6QrbWZfAJZX6llcJMVEYwTD8zbwNzCvnMQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 20:03:51 GMT
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=1200
referrer-policy: strict-origin-when-cross-origin
cf-ray: 95c212abfdffd2f3-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D39A 111 KB
34 KB 58ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26e4e7a0c6b40bdb906e159a7fcc48a1e920325ccdbf58fff250b40794ee1281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 465 / 20277 / 31093267 / config-hash: 10600951306635097278
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 19:43:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34964
x-xss-protection: 0
server: cafe

GET
H2 200 9343 Show response
stpd.cloud/saas/ Frame D39A 513 KB
139 KB 54ms
52ms Script
text/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stpd.cloud/saas/9343
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed15bbf4c911176993b47242f02fa0a03836b69685068e527c3bd74297fb4588

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=1200
content-encoding: br
cf-cache-status: HIT
age: 148
cf-ray: 95c212ac4ea7d2f3-FRA
expires: Tue, 08 Jul 2025 20:03:51 GMT
access-control-allow-origin: *
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/javascript
last-modified: Tue, 08 Jul 2025 19:41:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D39A 394 KB
134 KB 60ms
37ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1B87SF7ZHT

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7615d88d76f22ea736b366355ebf6beefffdf3878fb49da898dc77ebbfabf857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Tue, 08 Jul 2025 19:43:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 136665
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.outbound-links.pageview-props.tagged-events.js Show response
stats.senty.com.au/js/ Frame D39A 3 KB
2 KB 386ms
130ms Script
application/javascript 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL

https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

104-237-132-182.ip.linodeusercontent.com

Software

nginx /

Resource Hash

4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=86400, must-revalidate
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff, nosniff
access-control-allow-origin: *
date: Tue, 08 Jul 2025 19:43:52 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame D39A 87 KB
28 KB 35ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "603e8adc-15d9d"
age: 2387446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2BOIY9Gfr4wADokSBc2FPtmDE8WeHLIMJC3PC7YCqPY3h0z%2BMK0agXjT6E5%2FdyqcFHxL7zLFCQ0H8clM2mmKuyK8mN0iG%2FMSmgpHWUzrtdyfPmKYjP6eVCf82iWw%2BGHZ3yrcY9MqZh8Zi3m5pAsilP5A"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Jun 2026 19:43:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c212abd9c14db3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27938
server: cloudflare

GET
H3 200 script.js Show response
fontgenerator.cc/js/ Frame D39A 95 KB
20 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/script.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e356ca-17ae7"
age: 446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSi6nTpHhd2rAG9Pt5JubmvAQcK0SBEYs9osgG87QWZXuZOWN9HFJgDS3aFDFO704TVM6qic1mMa%2B5QW8sPcXVm7EQF3A%2F6As9DLibyEJn9b3hVAggqnWWWKQ87NA7chp0kJlksmnor0Z%2BAD1FI%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6259&min_rtt=5941&rtt_var=500&sent=20&recv=19&lost=0&retrans=0&sent_bytes=8953&recv_bytes=5097&delivery_rate=3951141&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20686&unsent_bytes=0&cid=1fc9ef9ba69d80de&ts=844&inflight_dur=61&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 01:22:18 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c212abce9cd37e-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 functions.js Show response
fontgenerator.cc/js/ Frame D39A 5 KB
2 KB 29ms
28ms Script
application/javascript 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/functions.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e34bc9-1275"
age: 755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isKA%2BQy4p%2FFn8Yxa5KiDofja3yarAhRkbLmz3hjddRZeS1MoS2nIY1FvdBZNrgne90RlQA3N4e3lVo3ppC0j2mST5n7qAR1p0ATjk0jDkE5Nk9C1SV4K0ePnSVt%2BdmeTVnAII5sZy9%2FGqSFUbl5E"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6323&min_rtt=5906&rtt_var=288&sent=52&recv=30&lost=0&retrans=0&sent_bytes=41740&recv_bytes=5580&delivery_rate=10956602&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=41372&unsent_bytes=0&cid=1fc9ef9ba69d80de&ts=854&inflight_dur=69&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Mar 2025 00:35:21 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c212abce9dd37e-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 mdb.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/ Frame D39A 123 KB
31 KB 42ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/7.1.0/mdb.umd.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "656db89f-7ae6"
age: 432030
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nibknViCtgG12T5EKVu%2BQhE8SMxxmATmonq4T7jNNW2LpFOGg1h9k2EaMzYMdxmSN4wFk4lL64sXix7ZbUa3Q684FI0lJwHLOgKrMM%2Br%2FlUXlJMKk1fbkbzg%2FEpqEw99A%2B%2FuHtvJRcka3nBoY0R27Xkn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 28 Jun 2026 19:43:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Dec 2023 11:31:43 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 95c212abd9c34db3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31462
server: cloudflare

GET
H3 200 toastr.min.js Show response
fontgenerator.cc/js/ Frame D39A 5 KB
3 KB 23ms
22ms Script
application/javascript 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://fontgenerator.cc/js/toastr.min.js

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-15a1"
age: 3637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVVVJIesYjzw74e1a8WL%2Fsv%2BBu5FfKX1%2Bqq2qgistiaTqlcCk13lZcXeqOnkUz%2FBMZ94YiXaXs0MLKxVyXtHynxvvp2nVael9l9pJHdczo2qOoyyvdst5OhGFjrpfGf2qBc5XXE2c4kWHLCGD6Us"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6228&min_rtt=5941&rtt_var=437&sent=43&recv=20&lost=0&retrans=0&sent_bytes=34439&recv_bytes=5140&delivery_rate=3951141&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=23086&unsent_bytes=0&cid=1fc9ef9ba69d80de&ts=850&inflight_dur=67&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c212abce9ed37e-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3

200

ads.js Show response
app.tinyadz.com/scripts/v1.0/ Frame D39A
Redirect Chain

https://app.tinyadz.com/scripts/ads.js?siteId=68323df081da95ab79451781
https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781

7 KB
3 KB

135ms
135ms

Script
text/javascript

2606:4700:3033::6815:5adc
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H3
Server: 2606:4700:3033::6815:5adc -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8538b1993b3e409b97eb358a67ea08e9b2bb9b3f645a182a38badefce054530b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U84w9qtIrgMTmaS5g6vc%2FF0QgumBdGnWeQ%2F28Dj3Nlofm4OGtr3zfVTXDk6azLs4Jd0BAPQvy1o0hG0J7o5etZV4deg1OM09UmmLopXoU29azuCx2ilmTryKS5z7%2BV0dzmHtrVwRQbBE5l4CmFg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c212ac6f1403ec-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6257&min_rtt=6069&rtt_var=633&sent=13&recv=13&lost=0&retrans=0&sent_bytes=4458&recv_bytes=3632&delivery_rate=675837&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=16231&unsent_bytes=0&cid=c27813e637ab8206&ts=218&inflight_dur=69&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare
last-modified: Tue, 08 Jul 2025 19:43:51 GMT

Redirect headers

cache-control: max-age=14400
location: /scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47kGIhvkO7RTGQkv5kSqkQvV5V6CkyqNqMI6bNDkHeqCQSOi7XVT3WKyWFJyLhbjcNt9Q%2BdjrEXz27J%2ByXsDnENaRyPIrVq1lrb6Zco2WUfyb6Q5HvhwIywOxAOTcw7hkq47v2JeQT%2FIUpxL03c%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c212abff0e03ec-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 9
server-timing: cfL4;desc="?proto=QUIC&rtt=6223&min_rtt=6069&rtt_var=887&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3642&recv_bytes=3238&delivery_rate=675837&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15467&unsent_bytes=0&cid=c27813e637ab8206&ts=70&inflight_dur=49&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 fontgenerator.js Show response
cdn4.buysellads.net/pub/ Frame D39A 701 KB
179 KB 241ms
85ms Script
application/javascript 159.65.211.77
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.211.77 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-lon1-2 /
Resource Hash: 625e266d5e517f15a1973b9d7f06ccdba9a8726e46a17801d4424b3efce98cd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: br
etag: f0d2bd2b580ecf448139422ad7f42487561c01e1
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/javascript
vary: Accept-Encoding
server: srv-lon1-2

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v43/ Frame D39A 18 KB
18 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ubuntu:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c09bfb0a6a92e9cbd914a5f86731118b052d2fdef2a6a0eac31b1780d3d97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://fontgenerator.cc
Referer: https://fonts.googleapis.com/

Response headers

age: 42552
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 07:54:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 07:54:39 GMT
last-modified: Wed, 28 May 2025 17:51:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18652
x-xss-protection: 0
server: sffe

GET
H2 200 home.css
ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/ Frame C8B4 1 KB
662 B 91ms
90ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/home.css
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"4d2-19630f6deef"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 540
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 themes.css
ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/ Frame C8B4 3 KB
0 97ms
95ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/themes.css
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"b00-196c0828a31"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 734
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 11 May 2025 18:01:42 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ Frame C8B4 2 KB
620 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 19:43:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 08 Jul 2025 19:38:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 ana.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/ Frame C8B4 390 KB
0 149ms
149ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL

https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/ana.js

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43a3e372402bfb25769362c3bec3d499288057329987e4a56fecb909e116ec26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Response headers

content-encoding: zstd
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Tue, 08 Jul 2025 19:43:50 GMT
alt-svc: h3=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
via: 2.0 Caddy
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 136070
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 themes.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ Frame C8B4 4 KB
0 100ms
98ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/themes.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"116e-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 1343
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 plain_logo.webp
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/imgs/icons/ Frame C8B4 11 KB
11 KB 91ms
91ms Image
image/webp 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/imgs/icons/plain_logo.webp
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/home/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2d9c-19630f6dee7"
via: 1.1 Caddy
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 11676
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: image/webp
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507010101/ Frame D39A 540 KB
170 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507010101/pubads_impl.js?cb=31093267

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae11f172d05e8b0e39de3fcda74a3187cb9a16ae18f1c4bf528f97ee0f2ef54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
etag: 16464835413289706854
age: 42417
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 07:56:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 08 Jul 2025 07:56:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 173919
x-xss-protection: 0
server: cafe

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202507080101/ Frame D39A 64 KB
23 KB 16ms
16ms Other
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202507080101/gpt

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26170f6e512b65921c72efdda4caa9e0a3a362a49625e5ca5e92a2efe74e7cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 8335879915435882070
age: 16952
x-content-type-options: nosniff
expires: Tue, 15 Jul 2025 15:01:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 08 Jul 2025 15:01:19 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23329
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202507080101"

GET
H3 200 F.svg
fontgenerator.cc/icons/ Frame D39A 5 KB
3 KB 19ms
18ms Image
image/svg+xml 2606:4700:3031::ac43:80bd
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://fontgenerator.cc/icons/F.svg

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:80bd -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/embed

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "67e1e2bb-1516"
age: 3636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArmspBqCWJd5vFNtlxj9ytofJjxDli2oGqGpuacaO%2Fpbo7hvaT59a7AcKc038mBq7PhAd1CjU2%2ByndPMd4HjZ7WE4I0zxWby0ZxijxTgj6XyG9TDT1ew603HoWPlRhFfcRkiy3QJ4KkSyltDBWmc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6403&min_rtt=5906&rtt_var=376&sent=55&recv=39&lost=0&retrans=0&sent_bytes=44109&recv_bytes=6302&delivery_rate=10956602&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=55819&unsent_bytes=0&cid=1fc9ef9ba69d80de&ts=1107&inflight_dur=79&x=103"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: image/svg+xml
last-modified: Mon, 24 Mar 2025 22:54:51 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 95c212ad6ec6d37e-FRA
x-xss-protection: 1; mode=block
server: cloudflare

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 374ms
22ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&domain=fontgenerator.cc&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fontgenerator.cc
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 08 Jul 2025 19:43:52 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 221647
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame D39A 2 KB
1 KB 53ms
17ms Fetch
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250708

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

36de703e2f5911ab433271a452e95a337f38d2007d0a001fa2ca561e78d351df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"636-33McN8n6IlI+IkpnhIMoHaq04AM"
age: 13375
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-fra-eddf8230079-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 806
x-jsd-version: 1.0.2476

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame D39A 49 B
250 B 391ms
365ms Fetch
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002bTS1QAAW&gdpr=0&src=pbjs&ver=9.27.0&coppa=0
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json
vary: origin

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame D39A 43 B
320 B 110ms
36ms Fetch
application/json 54.194.198.116
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://id.crwdcntrl.net/id?c=18013

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.198.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-198-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json;charset=utf-8

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ Frame D39A 2 B
275 B 140ms
100ms Fetch
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=533&_it=prebid&t=1&src=id&domain=fontgenerator.cc
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=604800
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
cf-ray: 95c212ae5e00d284-FRA
access-control-allow-origin: *
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json; charset=utf8
server: cloudflare
access-control-allow-headers: authorization,content-type

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame D39A 194 B
645 B 34ms
7ms Fetch
application/json 141.95.98.64
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

734e0e4308c5fbb5999269d165b1a54cdaead6e156cf8e7b07692a15dd70bdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
p3p: CP="CAO PSA OUR"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame D39A 2 B
375 B 362ms
21ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&domain=fontgenerator.cc&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 246802
expires: 0
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame D39A 61 KB
19 KB 54ms
25ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/9343
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1699467
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fcJK1QSloCrq50k03fGwxqF9GtTTSG4hVFJCqZeVaYyx1VM5QvjEptrsdTYqnLmoPZg3FFZZf5XOxKSHVizWVbSx%2BnmTMHASt0M8mD40U4EArIsjBetcyMRv%2BJGxjITBCyytofIRZf3q6Wh"}],"group":"cf-nel","max_age":604800}
Expires: Mon, 24 Mar 2025 20:37:34 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5872&min_rtt=5843&rtt_var=1278&sent=5&recv=9&lost=0&retrans=0&sent_bytes=3462&recv_bytes=2274&delivery_rate=670820&cwnd=252&unsent_bytes=0&cid=6030177981e67284&ts=30&x=0"
Date: Tue, 08 Jul 2025 19:43:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 95c212ae4a62bb41-FRA
Server: cloudflare

GET
H3 200 GetSiteAdConfigAPI Show response
app.tinyadz.com/api/ Frame D39A 96 B
744 B 65ms
65ms Fetch
application/json 2606:4700:3033::6815:5adc
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/api/GetSiteAdConfigAPI?siteId=68323df081da95ab79451781&pageUrl=https%3A%2F%2Ffontgenerator.cc%2Fembed&refererUrl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&width=300&height=120
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5adc -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=0
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6SkhOXM6t8a3T84zWxCLlwsSDIf3yCD4v3QaDsPj5JGgrqCA1COfVqX35Tb9pZZ%2FkV7gOs1NqzC%2BNrqKlNkXcx2H27SzTDrKEaqlwJ82c67Thskta0Qf3cNykI3qowsvWk1JarZDgXbUhos%2Fqg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c212ae4f1c03ec-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6240&min_rtt=5535&rtt_var=639&sent=17&recv=16&lost=0&retrans=0&sent_bytes=7971&recv_bytes=4163&delivery_rate=675837&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=19721&unsent_bytes=0&cid=c27813e637ab8206&ts=445&inflight_dur=103&x=103"
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
server: cloudflare

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v23/ Frame C8B4 8 KB
0 26ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://fonts.googleapis.com/

Response headers

age: 42363
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 07:57:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 07:57:47 GMT
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 blue.jpg
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/imgs/backgrounds/home/ Frame C8B4 184 KB
185 KB 90ms
90ms Image
image/jpeg 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/imgs/backgrounds/home/blue.jpg
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/home.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/css/home.css

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"2e144-19630f6dedf"
via: 1.1 Caddy
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 188740
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: image/jpeg
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v23/ Frame C8B4 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://fonts.googleapis.com/

Response headers

age: 41730
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 08:08:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 08:08:22 GMT
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ Frame C8B4 0
0 16ms
14ms Fetch
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5770v9138172222za204&_p=1752003832026&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104885889~104885891~104908321~104908323&cid=1331013189.1752003831&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=1&pscdl=noapi&_eu=AAAAAAQ&_s=1&sid=1752003830&sct=1&seg=1&dl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2Fhome%2F&dr=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2Fpages%2Fhome.html&dt=Home&en=page_view&_ee=1&tfd=484
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/ana.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 settings_manager.js Show response
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/ Frame C8B4 4 KB
0 170ms
168ms Script
text/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/settings_manager.js
Requested by: Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/js/themes.js

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"f26-19630f6df0b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 885
date: Tue, 08 Jul 2025 19:43:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame D39A 56 B
346 B 31ms
8ms Fetch
application/json 141.95.98.64
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

d0285b9b32cb340bb749e06669ae8af187584946bb22af794254bb76fb27ab95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
content-encoding: gzip
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding

OPTIONS
H2 204 openrtb
ex.ingage.tech/v1/ Frame 0
0 146ms
106ms Preflight 2606:4700:10::6816:ac7
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:ac7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fontgenerator.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fontgenerator.cc
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 95c212af5f2a18d5-FRA
date: Tue, 08 Jul 2025 19:43:52 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Headers

GET
H2 200 tag Show response
btloader.com/ Frame D39A 86 KB
28 KB 41ms
12ms Script
application/javascript 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a3430e17d6238991948c22e59a4119ac308daa84be92fec24814748bd51461

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "6f7d1031bbe7dea1ba688652bcb14ae0"
via: 1.1 google
cf-ray: 95c212aeba988167-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27996
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/javascript
last-modified: Tue, 08 Jul 2025 19:28:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 CEADK5QI.json Show response
srv.buysellads.com/ads/ Frame D39A 0
114 B 59ms
20ms Fetch
application/json 152.42.150.143
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://srv.buysellads.com/ads/CEADK5QI.json?forcebanner=593362&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.42.150.143 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-ams3-2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-origin: *
content-length: 0
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: srv-ams3-2
access-control-allow-headers: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame D39A 492 B
1 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"56dbef354a963eec89c1c0d552909198"
Age: 2192114
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uV0Tyc0CxuOaGC4kkoX0cZyAoFhOMnKIXSJj5LRg%2BUdfNJ7bd2zTHH7%2BXeloFCmsAhYPEDbFX5wHOhLRDZyM0yaIqHpH%2F4HvHaNqO3%2FibDqSIzeZIC97YGTsLua5MdtTuB%2FscfEb2F7Q8dPt"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=6175&min_rtt=5819&rtt_var=1348&sent=26&recv=12&lost=0&retrans=0&sent_bytes=24117&recv_bytes=2723&delivery_rate=3329910&cwnd=254&unsent_bytes=0&cid=6030177981e67284&ts=115&x=0"
Date: Tue, 08 Jul 2025 19:43:52 GMT
Content-Type: application/javascript
Last-Modified: Mon, 24 Mar 2025 20:04:12 GMT
Vary: Accept-Encoding
Transfer-Encoding: chunked
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
CF-RAY: 95c212aeeacfbb41-FRA
Server: cloudflare

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D39A 0
223 B 70ms
14ms Fetch 2a02:2638:3::39
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=25110419439&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::39 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 08 Jul 2025 19:43:51 GMT
vary: Origin
server: Kestrel

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ Frame D39A 82 B
444 B 36ms
9ms Fetch
application/json 35.207.179.213
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.207.179.213 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS: 213.179.207.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 4a70eaabc41919e3c9a7294111a8503fed2ff5d595ec4a8b23bfd3dd3d79b475

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
content-length: 107
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 adreq Show response
ads.servenobid.com/ Frame D39A 459 B
668 B 665ms
606ms Fetch
application/json 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=3842

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

5e530e8a047ca4b767d123ce90b595bb795345fc71cb109c28f759993dbbdadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json
vary: accept-encoding

POST
H/1.1 200
OK buysellads Show response
direct.adsrvr.org/bid/bidder/ Frame D39A 0
420 B 151ms
57ms Fetch
application/json 35.71.170.66
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/buysellads
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.170.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-openrtb-version: 2.3
cache-control: private
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 0
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/json
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame D39A 2 B
247 B 123ms
31ms Fetch
application/json 52.18.217.151
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1752003832153&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=9dd04669-f39a-4220-b91d-cf833a9d985a&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296514&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.217.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-217-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame D39A 2 B
246 B 126ms
34ms Fetch
application/json 52.18.217.151
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1752003832153&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=9dd04669-f39a-4220-b91d-cf833a9d985a&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296516&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.217.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-217-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame D39A 2 B
246 B 119ms
28ms Fetch
application/json 52.18.217.151
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1752003832153&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=9dd04669-f39a-4220-b91d-cf833a9d985a&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296517&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.217.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-217-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame D39A 2 B
246 B 124ms
32ms Fetch
application/json 52.18.217.151
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.45.0&lt=1752003832153&to=-120&aun=bsa-zone_1742380026425-9_123456&pubcid=9dd04669-f39a-4220-b91d-cf833a9d985a&gpid=%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456&t=6dhpqjyv&pi=3&maxw=320&maxh=100&si=1296518&bf=320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250&schain=1.0%2C1!buysellads.com%2C19929%2C1%2C%2C%2C
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.217.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-217-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://fontgenerator.cc
content-length: 2
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json;charset=UTF-8
server: nginx

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame D39A 140 B
705 B 95ms
40ms Fetch
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

7426ef66bb9df6806d5d7a13359880ed6206c9e1bf5b801d1e2e201d43606d2b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.73; 45.141.152.73; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
an-x-request-uuid: 59626819-5562-4224-a57c-b7e5696db743
content-length: 140
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 08 Jul 2025 19:43:52 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame D39A 537 B
632 B 98ms
45ms Fetch
application/json 34.1.1.166
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&PageUrl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&PageReferrer=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 4a261130a590e87de406b204849c90e414e34d9c92c8f991c044ca019f8e45ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-max-age: 3600
content-encoding: gzip
x-kong-request-id: 3df18c54a2c77a107189bc79fb5d654d
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
via: 1.1 kong/3.9.1
x-kong-upstream-latency: 35
access-control-allow-origin: https://fontgenerator.cc
content-length: 242
date: Tue, 08 Jul 2025 19:43:51 GMT
x-kong-proxy-latency: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: fasthttp
access-control-allow-headers: Accept-Encoding, Content-Type

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame D39A 32 B
556 B 157ms
105ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 90
access-control-allow-credentials: true
via: 1.1 google
expires: Tue, 08 Jul 2025 19:43:52 GMT
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ Frame D39A 196 B
441 B 182ms
92ms Fetch
application/json 89.149.192.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ Frame D39A 53 B
294 B 76ms
27ms Fetch
text/plain 35.186.253.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 05987f7bfefbbfeeb14d4ea1d9329ae77e39db9f6245d4e34a0a550e63d2fe83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
x-forwarded-for: 45.141.152.73
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Tue, 08 Jul 2025 19:43:51 GMT
content-type: text/plain
vary: Origin

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame D39A 95 B
1 KB 398ms
116ms Fetch
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22339d6d7daeb711c%22%3A%22fa87082a6d5773189466%7C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%7Cgpid%3D%2F22960212090%2C22921845643%2FFontgenerator_S2S_Leaderboard_CarbonFallback_ROS%23bsa-zone_1742380026425-9_123456%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&s=3b330d03-6d4d-4d0c-ae74-93c0b31d6899&pv=afe7f0c0-9a3e-4fa8-8015-e746a48906a3&vp=mobile&lib_name=prebid&lib_v=8.45.0&us=8&iqid=%7B%22pcid%22%3A%22004db8fb-220f-4cb6-a9c1-6c750d78f6c4%22%2C%22pcidDate%22%3A1752003832161%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22ztxhnpev.eu.portal.apportal.neptune.dns64.de%22%2C%22publisher%22%3A%7B%22domain%22%3A%22ztxhnpev.eu.portal.apportal.neptune.dns64.de%22%7D%2C%22page%22%3A%22https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A300%2C%22h%22%3A120%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F138.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22de%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22buysellads.com%22%2C%22sid%22%3A%2219929%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229dd04669-f39a-4220-b91d-cf833a9d985a%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

74aed87cc28434f1b5301c6563d926195d1f84f8d5104c4d47893ec40c2b0406

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

cache-control: no-cache, no-store, private
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://fontgenerator.cc
content-length: 95
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 08 Jul 2025 19:43:52 GMT
tcn: Choice
content-type: application/json
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-iad-2-6-150
x-xss-protection: 0

POST
H/1.1 204
No Content 65e9e879eab3382166f737dc Show response
exchange.cootlogix.com/prebid/multi/ Frame D39A 0
439 B 319ms
100ms Fetch 45.55.124.119
DIGITALOCEAN-ASN

General

Check archive.org

Download Go to

Full URL: https://exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.55.124.119 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin: https://fontgenerator.cc
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 08 Jul 2025 19:43:52 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame D39A 15 B
389 B 42ms
9ms Fetch
application/json 51.89.9.254
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 19
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 openrtb Show response
ex.ingage.tech/v1/ Frame D39A 81 B
465 B 128ms
108ms Fetch
application/json 2606:4700:10::6816:ac7
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://ex.ingage.tech/v1/openrtb
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:ac7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d799f19a90e76373cb1899792c404676136573609f15d9d85b4d653d4766434e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
content-type: application/json
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 95c212b019359150-FRA
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

POST
H2 202 event Show response
stats.senty.com.au/api/ Frame D39A 2 B
219 B 385ms
125ms XHR
text/plain 104.237.132.182
AKAMAI-LINODE-AP ...

General

Check archive.org

Download Go to

Full URL: https://stats.senty.com.au/api/event
Requested by: Host: stats.senty.com.au
URL: https://stats.senty.com.au/js/script.outbound-links.pageview-props.tagged-events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.132.182 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 104-237-132-182.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://fontgenerator.cc/

Response headers

x-request-id: GFBeNAJdd_cWanYMWaQh
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: text/plain; charset=utf-8
server: nginx

GET
H2 200 dns Show response
ag.dns-finder.com/meta/ Frame D39A 2 B
233 B 163ms
121ms Fetch
text/plain 34.36.200.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://ag.dns-finder.com/meta/dns
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.200.36.34.bc.googleusercontent.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers: X-Resolver
x-resolver: default
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: text/plain; charset=utf-8
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ Frame D39A 43 B
626 B 53ms
12ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 113722
x-goog-stored-content-encoding: identity
expires: Wed, 09 Jul 2025 19:43:52 GMT
x-goog-stored-content-length: 43
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: image/gif
vary: accept-encoding
last-modified: Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid: ABgVH88YH1fcJ0zZcIzVKd1cCKgrvWiAw5d8VrInCHf82pqwFabRMdchlv7A0JuBNNgN-R4Wc2N1d8o
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c212afaf42e7bd-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ Frame D39A 1 KB
130 B 45ms
7ms Image
image/x-icon 172.217.16.198
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
age: 42880
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 09 Jul 2025 07:49:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 07:49:12 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ Frame D39A 43 B
110 B 57ms
17ms Image
image/gif 2606:4700:10::ac43:b78
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9042942485512225
Requested by: Host: fontgenerator.cc
URL: https://fontgenerator.cc/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:b78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 113722
x-goog-stored-content-encoding: identity
expires: Wed, 09 Jul 2025 19:43:52 GMT
x-goog-stored-content-length: 43
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: image/gif
vary: accept-encoding
last-modified: Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid: ABgVH88YH1fcJ0zZcIzVKd1cCKgrvWiAw5d8VrInCHf82pqwFabRMdchlv7A0JuBNNgN-R4Wc2N1d8o
cache-control: public, max-age=86400
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 95c212afaf47e7bd-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ Frame D39A 61 KB
991 B 49ms
22ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

Access-Control-Expose-Headers
Content-Encoding: br
CF-Cache-Status: HIT
ETag: W/"4ebf7042f3ba84fbe39534d4fa8c5c86"
Age: 1696060
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xdWzJCoj2u6pFnSozzRNJYykjjD70axOEwbcHBK%2FCarsHo7cpRXN0hm9lrLrEMfdNHME6wMB6t7TIAUYIy%2BIOb94sta%2FRr%2FrVL2sp%2B1Rvnu5vuwKqwq4QjEv0JmHGpsnxcx5%2FqTi6OxaZmC"}],"group":"cf-nel","max_age":604800}
Expires: Tue, 08 Jul 2025 20:13:52 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=5802&min_rtt=5773&rtt_var=1265&sent=5&recv=9&lost=0&retrans=0&sent_bytes=3463&recv_bytes=2405&delivery_rate=677090&cwnd=252&unsent_bytes=0&cid=e50277a57a9a6450&ts=25&x=0"
Date: Tue, 08 Jul 2025 19:43:52 GMT
Last-Modified: Mon, 24 Mar 2025 20:04:09 GMT
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 95c212af9d2d35ed-FRA
Access-Control-Allow-Origin: *
Server: cloudflare

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ Frame D39A 465 B
724 B 16ms
8ms Fetch
application/json 141.95.98.64
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/9343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

2a0cc910773da81c3c24a07fbee7d6de5ad0a9e7f3af64a6dcd9b2b2bdd135ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://fontgenerator.cc
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H3 200 manager.js Show response
app.tinyadz.com/libs/v1.0/ Frame D39A 7 KB
3 KB 145ms
130ms Script
text/javascript 2606:4700:3033::6815:5adc
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://app.tinyadz.com/libs/v1.0/manager.js
Requested by: Host: app.tinyadz.com
URL: https://app.tinyadz.com/scripts/v1.0/ads.js?siteId=68323df081da95ab79451781
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5adc -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88d6e605b6b3818e1a94568e003b57d0b725c0e420abefddab00384c84b3bdcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHBK4qu4Qgvqzk%2FKBEQnBdZEi9vsln0aFFFOzoy5t1T0HqsQvUzeqG4dO6nacYaDQ%2BXU3n2RLcl2GGXB73lh3WHS4o0DGhC6QVaKOWP1rKc6c2fQIFR0YILBT4jaQ%2BS6VUCLTkVNbW6DLyYjHvk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 95c212af998c9bb9-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11449&min_rtt=6193&rtt_var=7382&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3642&recv_bytes=4382&delivery_rate=317925&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15614&unsent_bytes=0&cid=cff1bd823da0c281&ts=135&inflight_dur=48&x=103"
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
server: cloudflare

GET
H2 200 trustedIframe.html Show response
btloader.com/ Frame 130A 3 KB
1 KB 128ms
127ms Document
text/html 2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://btloader.com/trustedIframe.html?o=5102648370397184&tid=MG2Mz9j1-YFY0mLlJ-97eb90e995&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4ad8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72880d853aea4348e973e11843d7c2b00720eaad12fccfbbe0d52398668263fe

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 95c212b06eec8167-FRA
content-encoding: br
content-type: text/html
date: Tue, 08 Jul 2025 19:43:52 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H2 200 country Show response
api.btloader.com/ Frame D39A 37 B
153 B 189ms
121ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/country?o=5102648370397184
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/json
vary: Origin

POST
H2 204 pv
api.btloader.com/ Frame D39A 0
0 185ms
118ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://api.btloader.com/pv?nlf=false&tid=MG2Mz9j1-YFY0mLlJ-97eb90e995&sid=bZId8g0Gkq-GUJCWhW2Ry-97eb90e995&cv=2.1.122-1-g8b9864a&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:52 GMT
vary: Origin

GET
H2 200 eruda Show response
cdn.jsdelivr.net/npm/ 488 KB
130 KB 35ms
11ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/eruda

Requested by

Host: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/uv/uv.config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1037b59d194a76c779dad1264811a995a933a23dd923110fff80ea6bf4254d5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"7a1de-ftP29E/uXJyi0+uU8zxG0BYnmpA"
age: 12526
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230105-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 132930
x-jsd-version: 3.4.3

GET
H2 200 home.png
ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/imgs/icons/pages/ 13 KB
13 KB 90ms
90ms Image
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to Show image

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/assets/imgs/icons/pages/home.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=86400, must-revalidate, public, max-age=604800
cross-origin-opener-policy: same-origin
etag: W/"32de-19630f6df13"
via: 1.1 Caddy
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 13022
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: image/png
last-modified: Sun, 13 Apr 2025 21:03:27 GMT
x-powered-by: Express

GET
H2 200 favicon.ico
ztxhnpev.eu.portal.apportal.neptune.dns64.de/ 15 KB
3 KB 93ms
93ms Other
image/vnd.microsoft.icon 104.243.38.18
RELIABLESITE

General

Check archive.org

Download Go to

Full URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: / Express
Resource Hash: 17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: public, max-age=604800
content-encoding: gzip
cross-origin-opener-policy: same-origin
etag: W/"3c2e-191c2e4c57b"
via: 1.1 Caddy
alt-svc: h3=":443"; ma=2592000
content-length: 2990
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 05 Sep 2024 15:54:18 GMT
vary: Accept-Encoding
x-powered-by: Express

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ Frame D39A 17 KB
13 KB 65ms
32ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202507010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507010101/pubads_impl.js?cb=31093267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53ac40f5479ba012a6b55bd533f96682ae704750704f83690fe2df69f291b932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13193
date: Tue, 08 Jul 2025 19:43:52 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame D39A 654 B
354 B 71ms
34ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=177394095513432&correlator=171363805642163&eid=31091881%2C31093080%2C95353384%2C95365037%2C31093267%2C31093312%2C83321072&output=ldjh&gdfp_req=1&vrg=202507010101&ptt=17&impl=fifs&iu_parts=22960212090%3A22921845643%2CFontgenerator_S2S_Leaderboard_CarbonFallback_ROS&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250&fluid=height&ifi=1&didk=1335524158&dids=bsa-zone_1742380026425-9_12345&adfs=4189537219&sfv=1-0-45&eri=1&sc=1&cdm=fontgenerator.cc&abxe=1&dt=1752003832846&lmt=1752003832&adxs=30&adys=225&biw=-12245933&bih=-12245933&isw=300&ish=120&scr_x=-12245933&scr_y=-12245933&ucis=ifq722mr8qq8&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Ffontgenerator.cc%2Fembed&ref=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&top=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&vis=1&psz=233x224&msz=240x40&fws=260&ohw=300&topics=5&tps=5&htps=5&a3p=EhMKDGlkNS1zeW5jLmNvbRIBMFgBEjQKCnB1YmNpZC5vcmcSJGNjMzcwNDJjLTQwNzgtNGIwZi04YzNmLTFmYjMzMWI1NTg4MlgB&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1752003831634&idt=326&ppid=cc37042c40784b0f8c3f1fb331b55882&prev_scp=optimize_auction_id%3D1%26optimize_upstreams%3DPrebid%26optimize_ad_unit_id%3Dbsa-zone_1742380026425-9_123456%26optimize_imp_id%3D1752003832823-533ae53b%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=origin%3Dunknown%26ECT%3D4g%26hb_rf%3D0%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddesign%26optimize_env%3Dprod%26optimize_pub%3Dfontgenerator%26optimize_xp%3Da%26optimize_refreshed%3Dfalse%26optimize_pathname%3D%252Fembed%26optimize_pv_id%3D1752003832822-5a45abf9&adks=400283343&frm=24&eoidce=1&pbbce=1&td=1&egid=42902&tan=0fc416ac-8d69-4bd7-b131-2523647303e3&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507010101/pubads_impl.js?cb=31093267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f457c2a05177f3e30f0e727344af3c4fccec7608b58a645f9b0407929fbf59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://fontgenerator.cc
content-length: 325
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
962ef8b80316b2045427fd6e9236c970.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 2080 7 KB
3 KB 77ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://962ef8b80316b2045427fd6e9236c970.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507010101/pubads_impl.js?cb=31093267

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Jul 2025 19:43:52 GMT
expires: Tue, 08 Jul 2025 19:43:52 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ Frame D39A 20 KB
7 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202507010101/pubads_impl.js?cb=31093267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

content-encoding: gzip
etag: "1747411493688989"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 08 Jul 2025 19:43:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:52 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7188
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame A2B5 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5044
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Jul 2025 19:33:17 GMT
expires: Tue, 08 Jul 2025 20:23:17 GMT
last-modified: Tue, 13 May 2025 23:17:50 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s3ztVD3gxVjwcEilU3K6E8wzyz3PTyMMKOAkG9oC2Vs.js Show response
pagead2.googlesyndication.com/bg/ Frame A2B5 53 KB
20 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s3ztVD3gxVjwcEilU3K6E8wzyz3PTyMMKOAkG9oC2Vs.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b37ced543de0c558f07048a55372ba13cc33cb3dcf4f230c28e0241bda02d95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/

Response headers

content-encoding: br
age: 16317
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Wed, 08 Jul 2026 15:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 15:11:56 GMT
last-modified: Mon, 30 Jun 2025 09:58:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 20946
x-xss-protection: 0
server: sffe

GET
H3 204 generate_204
ep2.adtrafficquality.google/ Frame A2B5 0
10 B 10ms
10ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?Bfll7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 08 Jul 2025 19:43:53 GMT
cross-origin-resource-policy: cross-origin

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ Frame D39A 0
17 B 48ms
47ms Image
image/ 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202507010101&jk=177394095513432&bg=!MDOlM3zNAAYVY14ENWM7ADQBe5WfOFz698TCqdK7fDvzhB8v35l4Eqrhco4_LXGu6Hmn8WCH3-P3hWiQLZj16n0Cg28YAgAAADhSAAAAA2gBB34ANrozLyJn6jAAmDLld0Gl8su-1Ovsfdi7eL0Gx_qk3YuwgWBOmkeEP65J7EZgNORUxT-9qh_jgQoAU57UkmSjrBEqi_b83ya49I-B3eaNmG_k0kkZnb-KCgDHHlxvJGQxWURZV-AIVjlqw7i-c_1MKqed2tZTjPX8-nFGkqV57uhMZ3bvNn5p1Eft2e0KmQKTbPGqmJQRHP-Hp8EokO32Ha5eSI_r-YRIY_KZnvS_OF5INvH3X9f10P7nxUUUr-hnWzk7HGpmPRYzRTTLs4e7K4ov4f3WC6IA5fHYX1VVHB45TXL1GLzdvDsec4sp_NSMW8wSFoDEad8o4OrUn4g0sHiwyMZaZyLVE93_PBbrJTeTS64wOQaDckUQc3DAz12elEmaOWk3u7Q8tdR2NC-QL1gp-4ayL-2Pg3PVv9T7A41Dw0dApDjo6FoNFxnuyDQtmyDycLAmmXdbu0elwQba85zvqAN_ZkBoXe5FZ9ZdVkK_5fMaCa4_DbY3tDbYiCRD5Xvm5iYp5i1g5TS4Kz2MxG6e4wDxyGidQq_raZDNmWWc4IMuKk7aX0vye2pLRKqK7ozpaCWt7hIXE134XkwYUMkkrgS141uESmDzM3W0pn-zYOPHrrTAry7GO44-FOwQio7bv-x_yBFgq3Ydwywoy4-0N93MdXrLDL7-iT9C0-k1Cmp6UnQHhoZ-E05ptnEZTyCfiqdFDBoeEI5TMywpvoW2WddP55zqpYDcbE1zWL1azlHAWBw2aONl3jQZPwNovHD_T_e0YwUXPx5W7qsDkTJ4H4WnjaCyWYm8mZjuF9XevFXr4vk8tCgZ4YtyvSuWVuDiHNDLqVTo2DwGhe6ksZMes3PbvSAKH0Hn_BCgoZDW0EbmBNS3nwAmJn9TsBlOXnimddffCT8nxD5jwSURmz0IAfGBjEPWIP6_v6jS6CRroHxeW6kNBUpjGhRzU-6xzUD5PtNFGzLU4Rpr-uOZm-arJxTOvBgZdy2iIGUdr_GABcVB9MVQkMU8umIwkKPV08fp5Cser4i4uvOd06iPmzgQ-kEeAe4btCLOVKJFWbMSnw8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 08 Jul 2025 19:43:53 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame D39A 96 KB
31 KB 71ms
26ms Script
text/javascript 2a02:2638:3::28

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Jul 2025 19:43:55 GMT
access-control-allow-origin: *
date: Tue, 08 Jul 2025 19:43:55 GMT
content-type: text/javascript
vary: x-geo-country
server: nginx

POST
H3 204 collect Show response
www.google-analytics.com/g/ 0
20 B 17ms
16ms Fetch
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je5770v9138172222za204&_p=1752003830385&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103200004~103233427~103351869~103351871~104684208~104684211~104718208~104839054~104839056~104885889~104885891~104908321~104908323&cid=1331013189.1752003831&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&sid=1752003830&sct=1&seg=0&dl=https%3A%2F%2Fztxhnpev.eu.portal.apportal.neptune.dns64.de%2F&dt=Shadow&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6035
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/eruda
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 08 Jul 2025 19:43:55 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7547 16 KB
6 KB 21ms
20ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ztxhnpev.eu.portal.apportal.neptune.dns64.de

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

89ba0f3cfc5bd278b337da769c7e82c8006202782e887f522d7a90b38c2533c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 08 Jul 2025 19:43:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 237344
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ Frame D39A 96 KB
0 0ms
0ms XHR
text/javascript 2a02:2638:3::28

General

Check archive.org

Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:3::28 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://fontgenerator.cc/

Response headers

cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Jul 2025 19:43:55 GMT
access-control-allow-origin: *
date: Tue, 08 Jul 2025 19:43:55 GMT
content-type: text/javascript
vary: x-geo-country
server: nginx

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 7547 428 B
901 B 22ms
22ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE...

General

Check archive.org

Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=fontgenerator.cc&sn=ChromeSyncframe&so=0&topUrl=ztxhnpev.eu.portal.apportal.neptune.dns64.de&topicsavail=1&fledgeavail=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ztxhnpev.eu.portal.apportal.neptune.dns64.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a539e7e0cf38ba0391ba48a8a6e108d3a03c65c6f2882289deb92e7e01b8f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ztxhnpev.eu.portal.apportal.neptune.dns64.de

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
server-processing-duration-in-ticks: 1075981
expires: 0
date: Tue, 08 Jul 2025 19:43:54 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET async_usersync.html
acdn.adnxs.com/dmp/ Frame CB59 0
0

GET /
sync.cootlogix.com/api/sync/iframe/ Frame BD17 0
0

GET
H2 200 isync
visitor.omnitagjs.com/visitor/ Frame DB25 12 KB
0 36ms
25ms Document
text/html 34.1.1.166
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.1.1.166 Paris, France, ASN15169 (GOOGLE, US),
Reverse DNS: 166.1.1.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 2719
content-type: text/html; charset=UTF-8
date: Tue, 08 Jul 2025 19:43:55 GMT
p3p: CP="CAO PSA OUR"
server: fasthttp
vary: Accept-Encoding
via: 1.1 kong/3.9.1
x-kong-proxy-latency: 0
x-kong-request-id: d96b7645f79b1d2d6bc88e10b9e4b159
x-kong-upstream-latency: 10

GET
H2 204 /
onetag-sys.com/usync/ Frame B860 0
0 7ms
7ms Document
text/plain 51.89.9.254
OVH OVH SAS

General

Check archive.org

Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1752003832238

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pd
buysellads-d.openx.net/w/1.0/ Frame 419D 0
0 53ms
15ms Document
text/html 35.244.159.8

General

Check archive.org

Download Go to

Full URL: https://buysellads-d.openx.net/w/1.0/pd
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-length: 199
content-type: text/html
date: Tue, 08 Jul 2025 19:43:55 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept, Accept-Encoding
via: 1.1 google
x-forwarded-for: 45.141.152.73

GET
H2 200 sync.html
public.servenobid.com/ Frame 0FF8 0
0 47ms
7ms Document
text/html 18.245.31.106

General

Check archive.org

Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/fontgenerator.js?1752003600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.106 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://fontgenerator.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36

Response headers

age: 64104
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 08 Jul 2025 01:55:32 GMT
etag: W/"ee5a228ed26b25eba533061e372a78de"
last-modified: Mon, 10 Mar 2025 17:55:26 GMT
server: AmazonS3
vary: accept-encoding Origin
via: 1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront)
x-amz-cf-id: HYPQbKadayH8zIY-p0uEo9fZLKRU_9sa7Xf8a0ndGTePvrjVJGulng==
x-amz-cf-pop: FRA56-P8
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:12c7a56c-3d1e-4c7b-99b7-ff02ea3f2d40
x-amz-meta-codebuild-content-md5: 7e54bf2818360b18921c120b0820c006
x-amz-meta-codebuild-content-sha256: 1a888b321ba7e7f4a8dfcc92ee11e2b63c55a3e583d8282cfbf800057fef3637
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET usersync
match.adsrvr.org/track/ Frame D39A 0
0

GET getuid
secure.adnxs.com/ Frame DB25 0
0

GET cm-notify
creativecdn.com/ Frame DB25 0
0

GET ayl_pixel
api-ssp.spot.im/pixels/ Frame DB25 0
0

GET rmpssp
sync.1rx.io/usersync2/ Frame DB25 0
0

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame DB25 0
0

GET sync
x.bidswitch.net/ Frame DB25 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame DB25 0
0

GET ImgSync
image8.pubmatic.com/AdServer/ Frame DB25 0
0

GET v1
match.sharethrough.com/universal/ Frame DB25 0
0

GET /
b1sync.zemanta.com/usersync/adyoulike/ Frame DB25 0
0

GET getuid
eb2.3lift.com/ Frame DB25 0
0

GET /
csync.loopme.me/ Frame DB25 0
0

GET ImgSync
image8.pubmatic.com/AdServer/ Frame DB25 0
0

GET cksync.php
hb.trustedstack.com/ Frame DB25 0
0

GET sync
sync.srv.stackadapt.com/ Frame DB25 0
0

GET pixel
ap.lijit.com/ Frame DB25 0
0

GET sync.html
sync.contextualadv.com/ Frame DB25 0
0

GET pixel
ap.lijit.com/ Frame DB25 0
0

GET sync
rtb.bid.com/ Frame DB25 0
0

GET pixel
ap.lijit.com/ Frame DB25 0
0

GET 9933ca8fbb5437507921373139bb00a0.gif
usync.smxconv.com/ Frame DB25 0
0

GET 3ccb4268afab0c2b1373a8a8fdc5011f.gif
csync.copper6.com/ Frame DB25 0
0

GET 101967
jadserve.postrelease.com/suid/ Frame DB25 0
0

GET cm
u.openx.net/w/1.0/ Frame DB25 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame DB25 0
0

GET f3c49daf592d06bab39258cac72c0de9.gif
csync.copper6.com/ Frame DB25 0
0

GET 0
prebid.a-mo.net/cchain/ Frame DB25 0
0

GET pbsync
ads.yieldmo.com/ Frame DB25 0
0

GET cookiesync
bttrack.com/pixel/ Frame DB25 0
0

GET 711333.gif
id.rlcdn.com/ Frame DB25 0
0

GET ortb_sync
gum.aidemsrv.com/ Frame 32A5 0
0

GET iframe
audienceexposure.com/ Frame EFBC 0
0

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame E009 0
0

GET usync.html
eus.rubiconproject.com/ Frame F238 0
0

GET /
ssc-cms.33across.com/ps/ Frame 12C4 0
0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame CDC1 0
0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 85EF 0
0

GET /
ssc-cms.33across.com/ps/ Frame 5235 0
0

GET /
ssc-cms.33across.com/ps/ Frame 54C2 0
0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 3E54 0
0

GET user-sync
sync.adkernel.com/ Frame C885 0
0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 6C16 0
0

GET /
onetag-sys.com/usync/ Frame D648 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ztxhnpev.eu.portal.apportal.neptune.dns64.de
URL: https://ztxhnpev.eu.portal.apportal.neptune.dns64.de/baremux/worker.js

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Domain: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_XANDR%26ttl%3D720%26uid%3Dfc1c60cd86bc9d21889d1f9cc47ab50f%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=1&gdpr_consent=

Domain: api-ssp.spot.im
URL: https://api-ssp.spot.im/pixels/ayl_pixel?ayl_id=07ddfafc30c3846acc9b290450084ebd

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync2/rmpssp?sub=adyoulike&gdpr=1&gdpr_consent=

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=JAHJ4YZq4O&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRichAudience%26ttl%3D720%26uid%3De33590f6de70f789c6aa5ba72b5e547c%26visitor%3D%5BPDID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=1&gdpr_consent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=1&gdpr_consent=

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/universal/v1?supply_id=wldemn0V&gdpr=1&gdpr_consent=

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_TRIPLELIFT%26ttl%3D720%26uid%3De217d8a485cb4bc1c2854b511ca26ae8%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D&gdpr=1&gdpr_consent=

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156813&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_PUBMATIC%26ttl%3D720%26uid%3D873f14ee249cfcabb9bfa17d23686d63%26visitor%3D%23PMUID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: hb.trustedstack.com
URL: https://hb.trustedstack.com/cksync.php?cs=66&type=opw&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3F%26uid%3D6a4186b759e18e574be0648ddd5e766a%26visitor%3D%3Cvsid%3E&gdpr=1&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=33&gdpr=1&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN_VIDEO%26ttl%3D720%26uid%3D14b8487cccb69ed1c7083f34af9c9c7f%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: sync.contextualadv.com
URL: https://sync.contextualadv.com/sync.html?pubid=197&pubuid=${UID}&gdpr=1&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN_APP%26ttl%3D720%26uid%3Dcf7670e1d20b737804cf859fa1318914%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: rtb.bid.com
URL: https://rtb.bid.com/sync?ssp=adyoulike&gdpr=1&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_SOVRN%26ttl%3D720%26uid%3D27349c3c4b4c5a48c7c7f4938ab918e6%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: usync.smxconv.com
URL: https://usync.smxconv.com/9933ca8fbb5437507921373139bb00a0.gif?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMOOT_AI%26ttl%3D720%26uid%3De53a38d880e1279a98bf1a6cf9d7d373%26visitor%3D%5BUID%5D

Domain: csync.copper6.com
URL: https://csync.copper6.com/3ccb4268afab0c2b1373a8a8fdc5011f.gif?redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_COPPER6%26ttl%3D720%26uid%3D28acaf13e408a52aee4358368b1d9f0b%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_OPENX%26ttl%3D720%26uid%3Dfbb8afe8eeaca30016588a1cebad4210%26visitor%3D%7BOPENX_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_INDEX%26ttl%3D720%26uid%3D6b882ebc903fbdf00a60398f542a5c35%26visitor%3D%7BuserId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: csync.copper6.com
URL: https://csync.copper6.com/f3c49daf592d06bab39258cac72c0de9.gif?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D0fccaa3ff6e0f9ec339e7eb753458ab3%26visitor%3D%5BUID%5D&gdpr=1&gdpr_consent=

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dcc74a90418053c5e5c118472fd8c7507%26visitor%3D

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D642b2fc65afcd5ddddcf2d0e96254052%26visitor%3D

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbsync?is=adyl&redirectUri=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DYIELDMO%26ttl%3D720%26uid%3D3ee5cefc896f9db66dd131a32a91d57f%26visitor%3D%24UID&gdpr=1&gdpr_consent=

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=1&gdpr_consent=

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/711333.gif?

Domain: gum.aidemsrv.com
URL: https://gum.aidemsrv.com/ortb_sync?gdpr={GDPR}&consent={GDPR_CONSENT}&us_privacy={US_PRIVACY}&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DAIDEM%26ttl%3D720%26uid%3Db2f604635d0b9abde52139fc8a8034be%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: audienceexposure.com
URL: https://audienceexposure.com/iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DBRAVE_IO%26ttl%3D720%26uid%3D1dd849eac6b255853660ea3ed55cb2b4%26visitor%3D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DRISE_CODES%26ttl%3D720%26uid%3D48b439bcf2930e6408d6e795f7f1cdd2%26visitor%3D%7BpartnerId%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike_2&endpoint=eu&gdpr=1&gdpr_consent=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS%26ttl%3D720%26uid%3D2f9442d7df2189f76c8b593d5f54ce95%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3D33ACROSS_VIDEO%26ttl%3D720%26uid%3D0e36e8655c40248fb8d2e311b5db1153%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00003HljHyAAJ&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DOW_33ACROSS%26ttl%3D720%26uid%3D25492590fe216b332ae998485e25beb4%26visitor%3D33XUSERID33X%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Domain: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=261976&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADSOLUT%26ttl%3D720%26uid%3D1914a28ad9f7cf23695694b8008de71e%26visitor%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=1&gdpr_consent=

Domain: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&us_privacy=${US_PRIVACY}

Verdicts & Comments Add Verdict or Comment

43 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dns64.de/	1970-01-21 16:16:03	Name: _ga Value: GA1.1.1331013189.1752003831
.id5-sync.com/	1970-01-21 08:49:39	Name: id5 Value: 413595a5-5931-7c8b-82e0-6486ab3b8e4b#1752003832042#1
.dns64.de/	1970-01-21 16:16:03	Name: _ga_NCTSG4T1B6 Value: GS2.1.s1752003830$o1$g1$t1752003832$j58$l0$h0
prebid.media.net/	1970-01-21 10:59:15	Name: receive-cookie-deprecation Value: 1
.ingage.tech/	1970-01-21 08:49:39	Name: instUid Value: d4877ad1-2884-452e-bf9a-8e74790d00b1
.ingage.tech/	1970-01-21 08:49:39	Name: cookieRegion Value: wdc
.go.sonobi.com/	1970-01-21 15:25:39	Name: __uis Value: 7761f6e0-c82f-4073-b3ec-6aaf22ba05ed
.go.sonobi.com/	1970-01-21 06:41:30	Name: _usd_ztxhnpev.eu.portal.apportal.neptune.dns64.de Value: afe7f0c0-9a3e-4fa8-8015-e746a48906a3
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-21 06:40:04	Name: __uih Value: 1
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86150\|aG10+
fontgenerator.cc/	1970-01-21 06:40:03	Name: TESTCOOKIESENABLED Value: 1
.fontgenerator.cc/	1970-01-21 10:59:15	Name: __eoi Value: ID=fc968a2f3f5efc3e:T=1752003832:RT=1752003832:S=AA-AfjZL_REiuRCfam7VP5s0Btzc

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bnalk&size=24 Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0704302AC2E0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
security	warning	URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4 Message: Mixed Content: The page at 'https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4' was loaded over HTTPS, but requested an insecure element 'http://sync.contextualadv.com/sync.html?pubid=197&pubuid=${UID}&gdpr=1&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4 Message: Mixed Content: The page at 'https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4' was loaded over HTTPS, but requested an insecure element 'http://sync.contextualadv.com/sync.html?pubid=197&pubuid=${UID}&gdpr=1&gdpr_consent='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

962ef8b80316b2045427fd6e9236c970.safeframe.googlesyndication.com
acdn.adnxs.com
acscdn.com
ad-delivery.net
ad.doubleclick.net
ads.servenobid.com
ads.yieldmo.com
ag.dns-finder.com
ap.lijit.com
apex.go.sonobi.com
api-ssp.spot.im
api.btloader.com
app.tinyadz.com
audienceexposure.com
b1sync.zemanta.com
bidder.criteo.com
btloader.com
bttrack.com
buysellads-d.openx.net
cdn.jsdelivr.net
cdn4.buysellads.net
cdnjs.cloudflare.com
creativecdn.com
cs-server-s2s.yellowblue.io
csync.copper6.com
csync.loopme.me
direct.adsrvr.org
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
ex.ingage.tech
exchange.cootlogix.com
fontgenerator.cc
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gum.aidemsrv.com
gum.criteo.com
hb-api.omnitagjs.com
hb.trustedstack.com
hb.yellowblue.io
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
image8.pubmatic.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
pagead2.googlesyndication.com
partner.senty.com.au
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
public.servenobid.com
rtb.bid.com
rtb.openx.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
srv.buysellads.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.criteo.net
stats.senty.com.au
stpd.cloud
sync.1rx.io
sync.adkernel.com
sync.contextualadv.com
sync.cootlogix.com
sync.richaudience.com
sync.srv.stackadapt.com
t3.gstatic.com
u.openx.net
usrpubtrk.com
usync.smxconv.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
youradexchange.com
ztxhnpev.eu.portal.apportal.neptune.dns64.de
acdn.adnxs.com
ads.yieldmo.com
ap.lijit.com
api-ssp.spot.im
audienceexposure.com
b1sync.zemanta.com
bttrack.com
creativecdn.com
cs-server-s2s.yellowblue.io
csync.copper6.com
csync.loopme.me
eb2.3lift.com
eus.rubiconproject.com
gum.aidemsrv.com
hb.trustedstack.com
id.rlcdn.com
image8.pubmatic.com
jadserve.postrelease.com
match.adsrvr.org
match.sharethrough.com
onetag-sys.com
prebid.a-mo.net
rtb.bid.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync.1rx.io
sync.adkernel.com
sync.contextualadv.com
sync.cootlogix.com
sync.richaudience.com
sync.srv.stackadapt.com
u.openx.net
usync.smxconv.com
x.bidswitch.net
ztxhnpev.eu.portal.apportal.neptune.dns64.de
104.237.132.182
104.243.38.18
130.211.23.194
141.95.98.64
143.244.197.139
152.42.150.143
159.65.211.77
172.217.16.198
178.250.1.11
18.245.31.106
185.89.210.212
2606:4700:10::6816:445
2606:4700:10::6816:4ad8
2606:4700:10::6816:ac7
2606:4700:10::ac43:b78
2606:4700:20::681a:9a9
2606:4700:3031::ac43:80bd
2606:4700:3033::6815:5adc
2606:4700:3033::6815:5c21
2606:4700::6811:180e
2606:4700::6812:11c9
2606:4700::6812:1862
2606:4700::6812:1e31
2607:f350:3:2569:0:10:0:a
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2004
2a02:2638:3::28
2a02:2638:3::39
2a04:4e42:200::485
2a04:4e42:600::485
2a06:98c1:3120::3
34.1.1.166
34.120.63.153
34.36.200.111
35.186.253.211
35.207.179.213
35.244.159.8
35.244.193.51
35.71.170.66
45.55.124.119
51.89.9.254
52.18.217.151
54.194.198.116
89.149.192.65
042a1652e0b3d20d268a194befaea0c5841026a91a14214abac003d605e0ed65
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
05987f7bfefbbfeeb14d4ea1d9329ae77e39db9f6245d4e34a0a550e63d2fe83
0896cbd7d00a2469720e8bdb0e03bf120e45ee46dd5e33f974579189fd31dfd4
0b11eecfa382b1f2092d94e727a0145c9f6c2866e04419eef89e9bc381c7a787
1037b59d194a76c779dad1264811a995a933a23dd923110fff80ea6bf4254d5d
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
11c09bfb0a6a92e9cbd914a5f86731118b052d2fdef2a6a0eac31b1780d3d97b
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
1562c1b6966919f59dad5ce26d7ce05a4ecdfc4e6f7f9b8d1d6fa826508794cc
17121520efdb21823ea10bdc2115a34f772f78c0bea04cfdff41d615c520616e
19492573e99443369d3da235c38f1a430842fce993891f89054f0c7e4e4389e7
217bef43e1ece84e8dc9eb6f2e6629b6d24d8738c663f47f33edc697b9a097a5
24c817c4fef658a57754e07c2c89b185e9de3a2bc4261d7e863b345f27df82c4
26170f6e512b65921c72efdda4caa9e0a3a362a49625e5ca5e92a2efe74e7cda
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26e4e7a0c6b40bdb906e159a7fcc48a1e920325ccdbf58fff250b40794ee1281
2a0cc910773da81c3c24a07fbee7d6de5ad0a9e7f3af64a6dcd9b2b2bdd135ba
2f457c2a05177f3e30f0e727344af3c4fccec7608b58a645f9b0407929fbf59a
33c90221403fec4c268cf866ea954a740331d68ef1255c628a386093225ee109
36de703e2f5911ab433271a452e95a337f38d2007d0a001fa2ca561e78d351df
40847f04a0b4dbacd513872a0472555bf0dd89cfcd4c7d905a0166469f80b438
41e9e0b7ccf8d3af68bcbb38488e18d48198ee131b2df9ff128e4e6e911099c6
43a3e372402bfb25769362c3bec3d499288057329987e4a56fecb909e116ec26
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a261130a590e87de406b204849c90e414e34d9c92c8f991c044ca019f8e45ea
4a70eaabc41919e3c9a7294111a8503fed2ff5d595ec4a8b23bfd3dd3d79b475
4e3e6b20f1eae4923f24bf1e3dab2dde56b255c331cdc17b9507e790a48cc36b
4f6d3ce6fee0211ee389d61a9344b2f0ff30dc1f7db4e6fd9f2e9417f800afc6
504460751d9d131dae7dcd29927c1cd147be3cb0651003de4ee6b0fea5fef6ae
53ac40f5479ba012a6b55bd533f96682ae704750704f83690fe2df69f291b932
56e70443c37648d17bb54e83ae0028731328f86afb12edd626e8584718be71e0
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5ae11f172d05e8b0e39de3fcda74a3187cb9a16ae18f1c4bf528f97ee0f2ef54
5bcae56fb9334fe8446c36552a142eab9929fe2a2c91732072dd20818c9c17dc
5d881b69841cd18f3db8831bd5f0e57149fecd4064d156cb1d3f982626903d60
5e530e8a047ca4b767d123ce90b595bb795345fc71cb109c28f759993dbbdadd
5eff7005425c542db2290b5ccdf4e0a65c4219273a665ce0425264274e536ea6
625e266d5e517f15a1973b9d7f06ccdba9a8726e46a17801d4424b3efce98cd6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
69d9ac5984ab481e3a40b4b75c330920e56aa12c8d37bfaccc4ab6cedcdda50f
6a539e7e0cf38ba0391ba48a8a6e108d3a03c65c6f2882289deb92e7e01b8f13
6d35a7ee5aac9714da95d1a4f632cdb97d560a5ecf5e3908a1d229bc8c1057c0
72880d853aea4348e973e11843d7c2b00720eaad12fccfbbe0d52398668263fe
731c3411d0f309309a97628ba465af31050e0866d07e116f7ea5a1c35e9b99c5
734e0e4308c5fbb5999269d165b1a54cdaead6e156cf8e7b07692a15dd70bdb1
7426ef66bb9df6806d5d7a13359880ed6206c9e1bf5b801d1e2e201d43606d2b
74a76e5980403a11a657d3ad5f43ea97fae94b8d1cdec9886eb23bdbc645dbe1
74aed87cc28434f1b5301c6563d926195d1f84f8d5104c4d47893ec40c2b0406
7615d88d76f22ea736b366355ebf6beefffdf3878fb49da898dc77ebbfabf857
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
84f796be2fbef3583823bc3bae446c8ce5aa1e5b407d74cc021c22137a9ba859
8538b1993b3e409b97eb358a67ea08e9b2bb9b3f645a182a38badefce054530b
88d6e605b6b3818e1a94568e003b57d0b725c0e420abefddab00384c84b3bdcc
89ba0f3cfc5bd278b337da769c7e82c8006202782e887f522d7a90b38c2533c2
8a346698d1fe701441863c329bf5132a5536faeaa68ccd7751931726ad04b329
8b6965a87cf7118c3c59e80a39eb18dfead63c4a4b8e0a1e0134f5842cd4d8cc
8e1c63600bf52ac2101c85ecdef6f843d1d593f6c097f32591fcfea496ec4073
92335a8a579ab20778ad116b2e403ac436989b7c6b760bd9e906d451483ddb24
9de56ba22416192d18869051fdaa33876a9b6b3c7ed326abc7c8cc8503027797
a07ed6c92587063c8a3f828c58ed8076071418ca3181e9f67817c8d5041b0c47
a2ea232bb2f4cf7d88071aea08c659f762ee01d0e0a1ed845db965d470d47396
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abf9bfd998405a38e5f5f61e533e4de1298162efc4409b1f161ea04e5901c366
b15de36af5d8f15fbcec15399552be03a05cab1c61543b0232e7e2342e76494c
b37ced543de0c558f07048a55372ba13cc33cb3dcf4f230c28e0241bda02d95b
b6edcc080295bc506745b15d215226f6a80283818ef60e1e8805992c9c06f143
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bdaf47b5db2c6b13b97a28df68b67180dc0fcda656776ae345b264c2183b9ef2
bfbf77facc0b33343150d420aa0f7e582e1657070c51895cdec89299922d96cc
c0511e29e2d9e3aa83ab107e55b5e3c2ca9c90c04027a2f551fca1d403fd9cd6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0285b9b32cb340bb749e06669ae8af187584946bb22af794254bb76fb27ab95
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d4be4824499330afdd7139a22d7ad59bd2146bc17565e9ac961461388245b0dc
d799f19a90e76373cb1899792c404676136573609f15d9d85b4d653d4766434e
d8e3783dafaec68331904ad2dcec69ba0e18c55290155020a063afe70938220a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a3430e17d6238991948c22e59a4119ac308daa84be92fec24814748bd51461
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc1293460e62d8f4d91ef29b9bac4f123837f7c2c840ef3a52763782c12bc682
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
e3715d1fe227e6550c249faf6362adb08c08898bc88db2192ea12b39b8be0974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e970bdd269198fc1bf6183c389d2d299cf05c1e7b2076cee4fcf6ba7ac01be02
ea7fb526203a7e6eed35cc2fcdc98c76cb136dba25b23fae9e5fab3588877596
ed15bbf4c911176993b47242f02fa0a03836b69685068e527c3bd74297fb4588
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5f36977e96a38963c796982ed3915e49673ba0b63f3d51031a1500c1f0907bd
f9d8e58b6cdcdf7831511b8a69c82bc6b71c335ade7b7efa21b634e08cf9789d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ztxhnpev.eu.portal.apportal.neptune.dns64.de 104.243.38.18 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

178 Requests

70 %HTTPS

55 %IPv6

71 Domains

89 Subdomains

53 IPs

7 Countries

1688 kBTransfer

5823 kBSize

13 Cookies

1 Outgoing links

Redirected requests

178 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ztxhnpev.eu.portal.apportal.neptune.dns64.de
104.243.38.18 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

178
Requests

70 %
HTTPS

55 %
IPv6

71
Domains

89
Subdomains

53
IPs

7
Countries

1688 kB
Transfer

5823 kB
Size

13
Cookies

178 HTTP transactions
0 data transactions