urlscan.io logo urlscan.io
SecurityTrails logo

webfonts.ffonts.net Open in urlscan Pro
95.216.234.12  Public Scan

Go To Rescan Add Verdict Report
URL: https://webfonts.ffonts.net/
Submission: On October 28 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 12 countries across 38 domains to perform 349 HTTP transactions. The main IP is 95.216.234.12, located in Finland and belongs to HETZNER-AS, DE. The main domain is webfonts.ffonts.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2020. Valid for: 2 years.
This is the only time webfonts.ffonts.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 95.216.234.12 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:20d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
31 216.58.212.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 35.190.77.178 15169 (GOOGLE)
50 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:e2:... 13335 (CLOUDFLAR...)
12 65.9.24.128 16509 (AMAZON-02)
4 5 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
8 104.16.68.69 13335 (CLOUDFLAR...)
4 72.251.249.13 29791 (VOXEL-DOT...)
1 9 34.98.64.218 15169 (GOOGLE)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 69.173.144.140 26667 (RUBICONPR...)
4 185.86.139.29 201081 (SMARTADSE...)
8 104.111.215.135 16625 (AKAMAI-AS)
4 185.184.8.30 204995 (RTB-HOUSE...)
16 37.157.4.41 198622 (ADFORM)
2 10 185.33.221.89 29990 (ASN-APPNEX)
4 18.196.104.43 16509 (AMAZON-02)
4 178.250.2.131 44788 (ASN-CRITE...)
4 12 104.111.230.142 16625 (AKAMAI-AS)
12 2a00:1450:400... 15169 (GOOGLE)
2 104.18.5.23 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 4 54.38.133.13 16276 (OVH)
2 3 54.38.133.12 16276 (OVH)
4 8 52.95.124.170 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
16 104.18.13.5 13335 (CLOUDFLAR...)
4 85.206.143.247 43811 (TELIA-LIE...)
10 37.157.2.248 198622 (ADFORM)
2 4 216.58.206.6 15169 (GOOGLE)
6 104.111.215.68 16625 (AKAMAI-AS)
2 2.18.233.180 16625 (AKAMAI-AS)
3 3 35.156.245.144 16509 (AMAZON-02)
2 2 35.210.181.65 19527 (GOOGLE-2)
4 37.157.6.252 198622 (ADFORM)
2 2 213.155.156.181 1299 (TELIANET ...)
1 1 167.99.220.155 14061 (DIGITALOC...)
6 2a02:2638:1::3 44788 (ASN-CRITE...)
4 104.17.120.107 13335 (CLOUDFLAR...)
4 151.101.113.108 54113 (FASTLY)
349 48
25    95.216.234.12 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.234.216.95.clients.your-server.de
webfonts.ffonts.net
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
5    2600:9000:20d7:9a00:1:c815:1b40:21 (United States)

ASN16509 (AMAZON-02, US)
d144mzi0q5mijx.cloudfront.net
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
31    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    35.190.77.178 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 178.77.190.35.bc.googleusercontent.com
cloud.setupad.com
50    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
pagead2.googlesyndication.com
adservice.google.com
googleads.g.doubleclick.net
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
7    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
210270c03f63a4a5bd1e884e909a2c9f.safeframe.googlesyndication.com
49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com
dba6370adff5548cce34f75fd95309ed.safeframe.googlesyndication.com
55ff61c2acc664461338b25e95d90e78.safeframe.googlesyndication.com
23d8f5d6e8e6e46e667114d50c37d4e9.safeframe.googlesyndication.com
3fa4dd7d7ddd623184754540d8ee41d1.safeframe.googlesyndication.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2606:4700:e2::ac40:8620 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
12    65.9.24.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
8    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
4    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
9    34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
setupad-d.openx.net
eu-u.openx.net
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.86.139.29 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
8    104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
js-sec.indexww.com
4    185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net
prebid-eu.creativecdn.com
16    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
10    185.33.221.89 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
4    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
12    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
12    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
tpc.googlesyndication.com
2    104.18.5.23 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
2    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    54.38.133.13 (France)

ASN16276 (OVH, FR)
PTR: ip13.ip-54-38-133.eu
lv.adocean.pl
3    54.38.133.12 (France)

ASN16276 (OVH, FR)
adlv.hit.gemius.pl
8    52.95.124.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
14    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
16    104.18.13.5 (United States)

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
4    85.206.143.247 (Kaunas, Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
PTR: 85-206-143-247.static.zebra.lt
node.setupad.com
10    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    216.58.206.6 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f6.1e100.net
ad.doubleclick.net
6    104.111.215.68 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-68.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
3    35.156.245.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    35.210.181.65 (Mountain View, United States)

ASN19527 (GOOGLE-2, US)
PTR: 65.181.210.35.bc.googleusercontent.com
rtb.4finance.com
4    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
cm.adform.net
2    213.155.156.181 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, EU)
d5p.de17a.com
1    167.99.220.155 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
6    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
4    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
210270c03f63a4a5bd1e884e909a2c9f.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com
dba6370adff5548cce34f75fd95309ed.safeframe.googlesyndication.com
55ff61c2acc664461338b25e95d90e78.safeframe.googlesyndication.com
23d8f5d6e8e6e46e667114d50c37d4e9.safeframe.googlesyndication.com
3fa4dd7d7ddd623184754540d8ee41d1.safeframe.googlesyndication.com
242 KB
38 doubleclick.net
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
672 KB
30 adform.net
adx.adform.net
track.adform.net
s1.adform.net
cm.adform.net
447 KB
25 ffonts.net
webfonts.ffonts.net
2 MB
20 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
137 KB
20 googletagservices.com
www.googletagservices.com
491 KB
16 tribalfusion.com
s.tribalfusion.com
6 KB
16 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
10 KB
14 adnxs.com
ib.adnxs.com
acdn.adnxs.com
8 KB
13 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
6 KB
12 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
12 KB
10 ampproject.org
cdn.ampproject.org
213 KB
9 openx.net
setupad-d.openx.net
eu-u.openx.net
3 KB
9 google.com
adservice.google.com
www.google.com
2 KB
8 districtm.io
dmx.districtm.io
cdn.districtm.io
872 B
8 4dex.io
script.4dex.io
78 KB
7 google.de
adservice.google.de
2 KB
7 setupad.com
cloud.setupad.com
node.setupad.com
651 KB
6 criteo.net
static.criteo.net
143 KB
5 gstatic.com
fonts.gstatic.com
65 KB
5 cloudfront.net
d144mzi0q5mijx.cloudfront.net
51 KB
4 indexww.com
js-sec.indexww.com
4 brealtime.com
biddr.brealtime.com
4 adocean.pl
lv.adocean.pl
224 KB
4 emxdgt.com
hb.emxdgt.com
1 KB
4 creativecdn.com
prebid-eu.creativecdn.com
692 B
4 casalemedia.com
as-sec.casalemedia.com
4 KB
4 smartadserver.com
prg.smartadserver.com
4 KB
4 lijit.com
ap.lijit.com
3 KB
4 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
8 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 gemius.pl
adlv.hit.gemius.pl
983 B
2 de17a.com
d5p.de17a.com
480 B
2 4finance.com
rtb.4finance.com
2 KB
2 exponential.com
tags.expo9.exponential.com
28 KB
2 google-analytics.com
www.google-analytics.com
19 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
492 B
1 googleadservices.com
partner.googleadservices.com
405 B
349 38
Domain Requested by
28 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
webfonts.ffonts.net
25 webfonts.ffonts.net webfonts.ffonts.net
20 www.googletagservices.com webfonts.ffonts.net
securepubads.g.doubleclick.net
s.tribalfusion.com
pagead2.googlesyndication.com
17 pagead2.googlesyndication.com securepubads.g.doubleclick.net
s.tribalfusion.com
pagead2.googlesyndication.com
16 s.tribalfusion.com tags.expo9.exponential.com
s.tribalfusion.com
webfonts.ffonts.net
16 tpc.googlesyndication.com webfonts.ffonts.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
12 track.adform.net cloud.setupad.com
s1.adform.net
lv.adocean.pl
12 c.amazon-adsystem.com webfonts.ffonts.net
c.amazon-adsystem.com
10 s1.adform.net track.adform.net
s1.adform.net
webfonts.ffonts.net
lv.adocean.pl
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 ib.adnxs.com 2 redirects cloud.setupad.com
lv.adocean.pl
8 aax-eu.amazon-adsystem.com 4 redirects c.amazon-adsystem.com
8 eus.rubiconproject.com webfonts.ffonts.net
cloud.setupad.com
lv.adocean.pl
8 script.4dex.io cloud.setupad.com
script.4dex.io
lv.adocean.pl
7 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 static.criteo.net cloud.setupad.com
static.criteo.net
lv.adocean.pl
6 ads.pubmatic.com webfonts.ffonts.net
cloud.setupad.com
lv.adocean.pl
5 eu-u.openx.net 1 redirects cloud.setupad.com
lv.adocean.pl
5 gum.criteo.com 4 redirects static.criteo.net
5 fonts.gstatic.com fonts.googleapis.com
5 d144mzi0q5mijx.cloudfront.net webfonts.ffonts.net
d144mzi0q5mijx.cloudfront.net
4 acdn.adnxs.com cloud.setupad.com
lv.adocean.pl
4 cdn.districtm.io cloud.setupad.com
lv.adocean.pl
4 js-sec.indexww.com cloud.setupad.com
lv.adocean.pl
4 biddr.brealtime.com cloud.setupad.com
lv.adocean.pl
4 cm.adform.net webfonts.ffonts.net
4 ad.doubleclick.net 2 redirects webfonts.ffonts.net
4 node.setupad.com webfonts.ffonts.net
4 lv.adocean.pl 2 redirects webfonts.ffonts.net
4 secure-assets.rubiconproject.com 4 redirects
4 bidder.criteo.com cloud.setupad.com
lv.adocean.pl
4 hb.emxdgt.com cloud.setupad.com
lv.adocean.pl
4 adx.adform.net cloud.setupad.com
lv.adocean.pl
4 prebid-eu.creativecdn.com cloud.setupad.com
lv.adocean.pl
4 as-sec.casalemedia.com cloud.setupad.com
lv.adocean.pl
4 prg.smartadserver.com cloud.setupad.com
lv.adocean.pl
4 fastlane.rubiconproject.com cloud.setupad.com
lv.adocean.pl
4 hbopenbid.pubmatic.com cloud.setupad.com
lv.adocean.pl
4 setupad-d.openx.net cloud.setupad.com
lv.adocean.pl
4 ap.lijit.com cloud.setupad.com
lv.adocean.pl
4 dmx.districtm.io cloud.setupad.com
lv.adocean.pl
4 mug.criteo.com webfonts.ffonts.net
3 x.bidswitch.net 3 redirects
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 adlv.hit.gemius.pl 2 redirects webfonts.ffonts.net
3 cloud.setupad.com webfonts.ffonts.net
3 fonts.googleapis.com ajax.googleapis.com
securepubads.g.doubleclick.net
2 d5p.de17a.com 2 redirects
2 rtb.4finance.com 2 redirects
2 aktrack.pubmatic.com webfonts.ffonts.net
2 49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google.com 1 redirects webfonts.ffonts.net
2 tags.expo9.exponential.com securepubads.g.doubleclick.net
2 www.google-analytics.com webfonts.ffonts.net
www.google-analytics.com
2 pubads.g.doubleclick.net webfonts.ffonts.net
1 3fa4dd7d7ddd623184754540d8ee41d1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 23d8f5d6e8e6e46e667114d50c37d4e9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 match.adsby.bidtheatre.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 55ff61c2acc664461338b25e95d90e78.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 dba6370adff5548cce34f75fd95309ed.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 210270c03f63a4a5bd1e884e909a2c9f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ajax.googleapis.com webfonts.ffonts.net
349 65
Subject Issuer Validity Valid
*.ffonts.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-21 -
2022-06-20		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
cloud.setupad.com
GTS CA 1D2		 2020-10-03 -
2021-01-01		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.smartadserver.com
DigiCert Global CA G2		 2020-02-03 -
2022-02-03		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018		 2019-01-11 -
2021-04-11		 2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
exponential.com
Cloudflare Inc ECC CA-3		 2020-05-22 -
2021-05-22		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.adocean.pl
Sectigo ECC Domain Validation Secure Server CA		 2020-01-27 -
2022-02-05		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
node.setupad.com
Let's Encrypt Authority X3		 2020-09-20 -
2020-12-19		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.adform.net
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-06-02		 a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-06 -
2021-04-14		 6 months crt.sh

This page contains 77 frames:

Primary Page: https://webfonts.ffonts.net/
Frame ID: 012A524B08390B2DB78289B6FCFCF8D5
Requests: 48 HTTP requests in this frame

Frame: https://cloud.setupad.com/postbid/stpd200611_2.js
Frame ID: C4FCD5C68632F506F93E3FCCB04BA1AD
Requests: 33 HTTP requests in this frame

Frame: https://cloud.setupad.com/postbid/stpd200611_2.js
Frame ID: DEB7EB768B596BF85EDFA0C129027775
Requests: 33 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 24979A52694FE27A490FDA9C214CC9B0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 0288006C9B3176353631D2B00A812513
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: CF692BFCC0A2259A087B04925556D592
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9lAvaxfb7kBdwccKzxS6XySy06TrU6FAvj1L5p1vCs0Q31pKVwbAgvvLWB8TO3ALhZYxTHat_HqAFpjszDCALSWQDg4xUMFm5oqmLueCn2KmJlQz9ilmHX9M6d2dFUpfjO069ukZ8Kzi1xdvcmJBt2LTUEzFqnaKSg7GzJso642DYno3Mw1hWs-M5gPEfcllNXfZA_zzRq2h_4R9H4RAIfu-x9oX-lXO8kNPjcYosJV11gxCXk__e5qJpxYWIQPkzdbsTdg1XVPM-&sai=AMfl-YSCqvhrMEiA7Pd8B6j1xvs5sVIuU25vkBKvFvPTBv-QwEBEtHgExSD5nzDpkZOdPA6_MCJRiANDDNPYnx2RdXwuHZKg4m2TFSPHVgkpC_o9r0FHjerzpqsjlbv0UmU&sig=Cg0ArKJSzO-4dtthvm6LEAE&urlfix=1&adurl=
Frame ID: FCC9A0908FD5BD4B713A09390774DBBB
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Frame ID: 30E1DBBC60090C488994C7E6A2641F1E
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwXSBy-p_zScHxAENxA3lpqi4X6B0xprbQMppT-pOZH_jvInr7y-g_235B0jD6xXyY0kebKj1SUjciVQET1gFOGt3GMOKF7lVlmccuLFMTdQaf19ptHw2hiD_YXf5oRf4s2pE2SvzRyzw6G-b450IJw8nwFoqIDD3xgYrMBEIWuKbnxLCyCOruj2_2bqoA_QAkV_McuZkVFnWm_seGJaAVHeLYPL5f_v92YM224MOUgax67pqbeiUOzIxu_oywnsrtugQ&sai=AMfl-YTGBDFk_8Q0465tJ3L9iwW2KF5tqWWZaJS3YcZ1l4mo41oRntdKwK30zjejoSwnbNCXk2kE0q9ZgoSnRUvpcyZFJwAh-3aZQ8uAjBGj54ItZO_7rkehr2slKOLej6U&sig=Cg0ArKJSzHMUGuRJ25VHEAE&urlfix=1&adurl=
Frame ID: 1035F8E08C0EDB65E1F84581D8B30F0A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurbWH2DhlbejdPrOyb2IY48kv1sj8l2BOnstqh73dfLmoYQFSzoxZAbAvNXgHr8yWYQoQk3g3dR_oSTpdVc34acb-pkM2vm-vTZ5xbUR5wGopPwvr6_iHciTQ_yMmMh_xC0x24iBEHnqMnJiy-nf5lNkv7Mj3OApfTW3SJYhl6SPuSbrRsCfw9QJ9anSlb4qGiqb1orK4QsA1A7--02uxTNsegVMnuhfNLcgYSirvSs5H1JROpqBFqPjHtF84TlSHdbuXOMDF4k0Herbg&sai=AMfl-YTWK484RCYZXRJCKhPpJPmyoTGfJmYJXVpQghnMRaW_X2dzghFCGdatF1geZ3JB7Wh_c4Yy_d4frpoC7klhhD7Q875zI2WEHU24azMXj9iCoyiME_k-9qSVHpLRZLc&sig=Cg0ArKJSzHb1K7biof5DEAE&urlfix=1&adurl=
Frame ID: A0C722CE35E5195094A50C50A72CC225
Requests: 17 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Frame ID: F2A5C735CEED95CDC80531FD1EEE79B3
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Frame ID: A78AD9AF4A2D37C873CE7E3D26938848
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 4B27953B0B77E433410F5F57375044B7
Requests: 1 HTTP requests in this frame

Frame: https://49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Frame ID: 55C73ED7818714E9C2FA1A7EBEA8AB81
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyl-zervsTBKY0q7t-yH5HB13qdtsOMmTPgASJ7mAkyvnpJDevw6D_SIhP6ssizQnThbOVw-sIPIstZ80oXft0nLdI08yhzfoNKPtXJ34BxN4AbatS2vi2pjm2x-sCy1HxbN1tRbwRLSiF3zk5PUJGKbL0BS7hfKz1FXQl8NAc5ChUq4W5I4P3NWNsmFMUdWT_bv5QuniQrWw-aouR7OHR29unblJzh55H0G9iu7YIRQ4nO2FniuMK80UF0SgoIAEfkIiLafotppenOkU__OGyO-WI&sig=Cg0ArKJSzAah-_--dEp8EAE&urlfix=1&adurl=
Frame ID: 340A7C96EDFBE1089A2A1A341D63209E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: FE65200870E6EC1F103022F7AB0B996E
Requests: 1 HTTP requests in this frame

Frame: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Frame ID: 45D5C2BCA76C764D19D8DF71D6000F41
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: D80AB3FEBC76CAC25719667E270C979E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 9FC12C12C3652B20FFDA9369B13984A5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Frame ID: 7FD63D9EC0DD5A0CB54D0A72C101182F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F12B01873233686EBCFDF2888391F5DA
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=715283&adId=2927004&adType=10&adServerId=243&kefact=0.100751&kaxefact=0.100751&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1603910014&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.141904&dcId=3&tldId=61233991&passback=0&svr=BID22404U&adsver=_1851472263&adsabzcid=0&ekefact=frmZX8vdDAB4LxWnVN1gfxfHFxszHEPie_rThIE11fRFoLBD&ekaxefact=frmZX-TdDABhJt2UEr3maYUcoXh9KuDe7KyNx7Ht5zZusvJU&ekpbmtpfact=frmZX_ndDAAIffDAsNwTb-hTQ4obqnWaZ0Day-2hj3Mw8Btm&crID=40989724&lpu=optegra.com.pl&ucrid=3568702713981877136&campaignId=22924&creativeId=0&pctr=0.000000&wDSPByrId=7146&wDspId=391&wbId=16&wrId=0&wAdvID=192478&wDspCampId=1928938&isRTB=1&rtbId=BF98C17A-6219-4310-A368-5A1BD6DFE2B3&imprId=CAC5D8C4-6D45-4D96-A851-1D37DD5736BF&oid=CAC5D8C4-6D45-4D96-A851-1D37DD5736BF&cntryId=180&domain=webfonts.ffonts.net&pageURL=https%3A%2F%2Fwebfonts.ffonts.net%2F&sec=1&pmc=1&pAuSt=2
Frame ID: A61FB500BAFA44D790B4C450F7491516
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aUmTR85EUg5teq5PZbZdmUYZb0G3YXGQY1sBnnEfU2U3WTFbAUPU3PTb3PVrmQHFMYtjwTmMv2sB20FFJT6yw5mFdQPbE4drrXWJZdpd6o4AvY5cjbTVn9VsfjPPYoUWFTTrj25biqWqMoTTUlParLQGFJQFupRWY7WGQQ4F6nodiOXaeu4dQZdPcFG26vIpHXsTdQaYU37Ybbh1TatSbvZbWUBSTtJ2tUZbAuM4PTY&mediaDataID=6719746&mediaName=frame.html
Frame ID: 915FA667849FFF5ED9D2774716BD6BC5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aVmTR8SGjH2mQZapHPtTWF80b371F7h1TZaMRrYGTUYXTt3YobboPFroXqMn5aFj2arPoEbCYrU6WWrRmPvBmcfrptnH5qre5tun3AFGmU3EXVfR1sr51VjNpTb43bFUWF7CUAQXPEr0ScQMPH7xYdjpWPbv2cvXXFvZbTmim2PUePmMB4WvO1tQZdmdEw4ABS5GjbUVM8WVBgS6UuTdr3WrMP5b2pPTnCNTCggp&mediaDataID=6347136&mediaName=frame.html
Frame ID: 9E8D5D9229DEA7091D1FCBABAD4AEA37
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aXmTR85ter3A7ZbpbMZbXGvS1cn11GZbxmTB43FUWWFfFUAr0RTQXQsZbnPHju1HfmT6nn4cY5XUZbKV6am4A3eQArF3dUnXdvIpdTM36MY4VUgTsJ8WVbhS6rMWdY3UFMY2bZaqUq3rVTYaST3FRcbZaRbioSt7cWG3R4UTrmdqr0qmp2tbESGBZa5PnZdoWPqUtQ7XUf7Xbji0TIrSUYHTUnSTtJWorQmWrfFvR07n5&mediaDataID=6530936&mediaName=frame.html
Frame ID: 3D9B736267B1E885E28F05D1EF5DF6DC
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aYmTR82mQZamdAtVHFd0rbd1UjkXqimSbnZbUFQXWtQ2orFrRFBtYTFm4ajf4Tn0oTfK1bZb9UHMQoP7LnVnwpd7G2qUl5HIn3AnJprYEYcQ0YsFY0s7OmqnQ5UY2VrnHVAnXREU3Qc3sStJr0HZbsTmnu3GB5XFrZcT6Xq4PZb8R6bK2HZbqXWrAmHaM4Av14Vj6TVJ8VVJjR6vwTWUWTrZbP5b2uUqjoQqUTw7WOHF&mediaDataID=6546596&mediaName=frame.html
Frame ID: 07207FDF9E3B7E9534FD272FCF542CEA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a0mTR8pdEv36YS5VYeUGBaUcjfS6nNWWM3Ubj12bEpUqvtTEMcQEBJRcfZdPFemPHrkUGMU4F6ootyrXaup3HjAPsjC2AnJmdPpVWjhYFQkYFYg0a6qRr3CWU3SVHJ4nrBtRUFoYEUt3TJa5TU2oEfDXFU9UWFUmP3ZdnG7mmHnJ3TZbg5tEN56JZanrUZaYcfPYVFY1sZbNnaFV2bUVWFBZcUA7TREb0VGQGvFKTPY&mediaDataID=2713736&mediaName=frame.html
Frame ID: BC13CD098F4AFB8D7F3847AE48D29098
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a1mTR83A7ZbprMZaXGQWXsJ5XGBynEfW2FM2VU7FVAv5REn5SsvqQdUv0HBrVPrw4sUW0FUJTmip2AF8PmjK3tFm1dYZcpWaO36JV3sQgUGnjWsMgSPQOUt3RWr7P3U2nVqMrTTv9QTQZcQVZbCQFZatPWrdVcbU4UXsmtAnXqev4dMZdQVrH2mMHptaqUtj8YFfaYbYi1TAoRUrFTbQYWtvWorQxRUrr4aYHOmm1Uj&mediaDataID=5436426&mediaName=frame.html
Frame ID: 5EB5BFD438B45D592CB15EEA3725E83A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a2mTR8mdAtVWJ6Xbnj1bjgXaIrRFvZdTUvSVdY2nrJmRU7m1Tnr5EUe5TY5majB1rBhWWbRmAfIpVfmoWvJ2aFk2Hem3mBKprjL0GU0XGMV0VvvnqB23FnSTFjZcWm73QEr3ScMnQtFNYtbuWPQM4cU4YbZbJT6Tt4AvcP6MA4WUO0HBLpdeo4P3W4VMeUGJdWVMjS6nMUWvUTFj02biuUqjvTTJaVq3NyJBcqB&mediaDataID=4056396&mediaName=frame.html
Frame ID: 866FE00678A5D4FB945B566C3700D4EB
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a3mTR836YR3sr6TsUkVVfhPPnnUHURUFFP3rZapVqroTT37SErZaSGQZcQFAqRtnaUVn32Uunmdqs0a6v2trZdPcMD5AQJmW6OVWYa0bUkXr790qqoRUrZcTbU2TtUWmFQoQUbo1Erm5TFl2aMRnaJG1bB8TtMRmPQZanVUqoHfD5EU73dmr3AZbGmUQHXsnVXGF20svNmaZbQ3bvTWr7EVAQTREbQScZbsVWJZcv1syQ6&mediaDataID=6680176&mediaName=frame.html
Frame ID: BFF1FD7618829E4558815B36CB1BABC5
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a4mTR8prMZd0GnS1sU1XVrupTJR5FnRVUJZcWPn5QEM0ScYpSd7y1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O1tJZdmWEy3Pv13sbbVcrjVGF8RAFMUHU4TrZb55bAuWEjmWTY9STnJSVBJRravStU8UGnT5r6nmtZaoXa2M2dbFSGjZa46JZamdiyUWbcYrUiXrYf0TqoSUMCUbM1WHY3nr7xRUrN1EFtXqJ5xcycrW&mediaDataID=7665496&mediaName=frame.html
Frame ID: 5A3F5AF7878A2130CC37294A766A5E34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201022/r20190131/zrt_lookup.html
Frame ID: 1C389E87E8CB45C196CC2A2AC70B4735
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7766349947687093&output=html&h=90&slotname=4832601341&adk=1821472241&adf=1766241089&pi=t.ma~as.4832601341&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603910016203&bpp=28&bdt=1343&idt=96&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5086dfa7090129b9%3AT%3D1603910014%3AS%3DALNI_Mb5JPFw8wluNQWQmGFPRuImNTLHqg&correlator=7560458724622&frm=23&ife=4&pv=2&ga_vid=2141877335.1603910014&ga_sid=1603910016&ga_hid=252010707&ga_fc=1&iag=3&icsg=43354&nhd=1&dssz=16&mdo=0&mso=1088&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=2017&biw=1600&bih=1200&isw=728&ish=90&ifk=1612423490&scr_x=0&scr_y=0&eid=21067105&oid=3&pvsid=1901927532529967&pem=857&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4iozvqx17wn2&btvi=1&fsb=1&dtd=112
Frame ID: 6F8A8EDF338DD59215D12CF2B9F62222
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7qqvx4EzXyRno653TMwDesterDERokFiEid3DeVIPnnOrdeAKd9qWDhY1o0CAMKxthtODAAW5Oi7b0FifaRtgQV1HEFiOisARVFDn-5BpbC3JDK9qlgpWjtKQ77fMJgrKVIKVVKHdcyiUrXnsxVIV5Y0qT_vIHS1Q0yhpAp_j6eJqVyVFC8X3GIwQXKicSGN3o_q-KWgHmJpMyaemEGOZBHQtLWDOHsMDgUJMcs65nzVpsEQb5fFVF7O2omzRPMuV4p07Fi1B-Vb5BIE9Q9O0UVM&sig=Cg0ArKJSzI8w0scwVU8qEAE&urlfix=1&adurl=
Frame ID: EAB1DC4BBE7DE6E3FB2C58B23762DAEC
Requests: 17 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=asmTR81rZb8WHbQoPvZbnVUpmHbD2anh2HIN5PfZbmrMZd0GMT1sn50VvMmaBS3bUTTFbZaUPv4PEbXSsFtQdFr0WntWPMM4cvV0UFZaVmPw5mrePmMF2WQm1dUZdpdAo5PBP4sMcVcv7WcjfPPYoTWnSWbf12U2oWaUqVEM7QTBZdQVJCPbuoPHUiUcvW2UXsnHqrXEey3WQAQsJE5AYZbpdeyVWQh0bfb4rFXs9Zbh0X&mediaDataID=8039566&mediaName=frame.html
Frame ID: 41F47AE70B50D4AF328614632ADD67B8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=atmTR8UVMT2FunmHAqYqPw4dQZbPsMH46nHotItUWJ60bM61Fjg0qqnSUnAUbQ0Tt3UobJnPUrt1TZbs5EFa5Ef3nabG1bjhWHrWoAUBmcYwoWfG3qMf2WZan3AbGnFbZbYGvV1cr00GfwpTb42bnRTUbFVm74PT32QsvpQtUOYt7uVmbu4srUYrBIUmPt5mZb8PPMF3dvm0dMImWZau46nY3sjgVcJcPG7YuZbv1CZd&mediaDataID=6807466&mediaName=frame.html
Frame ID: 0D14C39CB1470308A775B9C17A8519A2
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aumTR80UUIVmqo5mUdRmfD4WFs1dnImdao5mQR4sr7Vc39UsJhRAFNTWMPUFjY5bIwUarpVTJcSEJZdSGBCQUmsStv8UGQU2FeqodIOYTPp2tbAPsvF4PFImdEyTdQ8Ybv81Ufl0aasPbUZbTbr3Td32nFQnPFZbpYTno5TUk2avRmEMD1r7fWWbWombImc7motfG2qvk3HZas4mfZamrUE0Gf01cF33cbKqdLnZcH&mediaDataID=9148826&mediaName=frame.html
Frame ID: 662DA17BE34F6DF03B5BF9EC3A861D9F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9A9L_QpF1ubsAto5XbRLZu4ivsavRYlB15N7WbJD7CxFlNlkXr-hNOFtOaal-vrc5aHIBw3PIO39m-05k9yDgi02Fi0cigw4r953R8fpUYI5GOz3-efTEa-Cu_EPGyKBaziaBpL_1kAv-5-jxAVT1B_n8lQ7VWynhPNfJR3FDVr3yaEpToliecRpXJ_ebY6R9GFTtLHMBIG4e8QYAoar1w_8O3B76cXXMPNPp8HLO7PPt040BBxViBXpyfrWDPBPlvjvAryNGbsNVVNnkZ2qOlU2tmQ&sig=Cg0ArKJSzPIpF_7HPAEfEAE&urlfix=1&adurl=
Frame ID: C5A6438270660B505A51898EFE0AD7A2
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 1AB9E9084C722F990621D88B6BA15912
Requests: 1 HTTP requests in this frame

Frame: https://cloud.setupad.com/postbid/stpd200611_3.js
Frame ID: 2D4B6AA60F9EE611F2B2771551D171E8
Requests: 32 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 40CE38AC3BFDD2C4EEF3E336BA804C2A
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Frame ID: 8AB53C7932D9FE106EAD27F114963637
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9udbV-ZZrlIJoGngvIxOG6Giv0XJ3EpZBuAJyRZHOuJpDp4WHOSR7vxsuWfyfZEfYVm04xIwb5phSxk3pytS7OPjM4VDzXH1ahrYOzLYFkIivEkG_D3Y6Pn5acc4RUGKumy04ZMtoRNATwqkaPdzq89lmTlMBT9N_BiaHeSiU2RhWRUlx8-NpFroA2rae2betBtqZ67x2pY_GOZ67ASiM1WpomBWIrGVYhDZzQ51gNUhc4QozDplBrpjna8jaW_MMD9-xNx9T&sig=Cg0ArKJSzBiFJZDiZU2oEAE&urlfix=1&adurl=
Frame ID: 57967BD726A4AB957AB06FD7A03F9D20
Requests: 11 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 881F6634AA22174909ABDF335D1E2728
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Frame ID: 4057141253DCF1556B20CF8A9F10F307
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 068E893A1200512D03AD775A1F3DEECD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?gdpr=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Frame ID: 65E51782F6ED459FD8416B59FAA59867
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: EAF7776633B8C700FE660650AF33C337
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 92E4030FAB887BD639FF17506645F5FA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Frame ID: 5D41923E488554F4707C3416F02E7875
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BAC745F28D41E747F057F33334E90E96
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?gdpr=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Frame ID: 55686983BD247B9F0AE3D58DCD50B80D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Frame ID: 18CF8AE0DABDA45792622BE1EF8AA368
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 6FCCEBCED7703D2CCB6D50649B7B1F66
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 19FECB303E3EAA70C4E649A64CB30008
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Frame ID: 8F9145983D729340AECDB6639ABF8F06
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5F9ABBD48153A263027B7A1BB49C1950
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=webfonts.ffonts.net&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Frame ID: 3FECA315F6653461CE523C4C7DE3022B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: F71539488E1E5AC6A5FD5C117F86FBCF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 45E8F5D829EEE9B311EC1422AE7BC384
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: C4C4650FC9DC625C73CE15D212294001
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3B956AC3DCA39285ED70785FD610F441
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=715283&adId=2927004&adType=10&adServerId=243&kefact=0.090739&kaxefact=0.090739&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1603910017&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.127802&dcId=3&tldId=61233991&passback=0&svr=BID22440U&adsver=_1851472263&adsabzcid=0&ekefact=gbmZX4iNAQCDAw-Q00kUQH1bjTInHhjE3MVRLbkRjfrp8MNf&ekaxefact=gbmZX5mNAQD5-jgGJaOvY8Z6AvmfJnNAqvdYHlO_K66WY5DR&ekpbmtpfact=gbmZX6mNAQBhTJC8ukXIJUgglMQJDF8X0BBZwxsq4YVoQZpf&pubBuyId=15596&crID=41048607&lpu=rs-online.com&ucrid=2609114322073615480&campaignId=22924&creativeId=0&pctr=0.000000&wDSPByrId=4540&wDspId=391&wbId=10&wrId=0&wAdvID=79286&wDspCampId=2061609&isRTB=1&rtbId=8BF96355-3F03-40FC-ADE3-8F78F1F6562A&imprId=DE26E88D-A4D0-4B32-BCE7-585CC2CE2C2A&oid=DE26E88D-A4D0-4B32-BCE7-585CC2CE2C2A&cntryId=180&domain=webfonts.ffonts.net&pageURL=https%3A%2F%2Fwebfonts.ffonts.net%2F&sec=1&pmc=1&pAuSt=2
Frame ID: BFE26F74DE972861D8ECDE995BCFCD70
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?gdpr=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: CD8A2A20044277F710C8C8A4A099D743
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: A0BDDD6F2533A335B13E0FB028CCD3DB
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 7B66705E41C5C21E71E9C104D1EC5986
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: 97D99F9A64D888526BAEB96AE098A2B2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F3410FAC802197783018144B59B30538
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: BDAA59719E35E1E00A29A69AA06E9CCF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 903B2531386D3C38A77C641E4C397F8E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F288884FFB7B6C88D0726220A745156D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: 21F5B412AED4681CCE7AA7C3B060DC45
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E4CC4045BC25BF1DE77ADFCCAF66E0B8
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: D72C67207A0C5E840B4AA9ACD34ADF1E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 2AA382AEDE59646BB1016816D1736A84
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: 071C8E92C07CF6ED003815558826F45B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html?gdpr=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Frame ID: 70CBDE30D080BD21418838DA90B01212
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Red Hat/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

349
Requests

97 %
HTTPS

31 %
IPv6

38
Domains

65
Subdomains

48
IPs

12
Countries

6017 kB
Transfer

12156 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&gdprString=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=hztDCnx3RmRTNGxHTVo3bmVWV2xIRG84TmE0OVBrYU5hc2haMGlFanFGQ1FIbkFPL21NTDBuQ1oyK05Iai91dzQ1ZEI1U284SXYyS0xEQ0VFampRZ08rTnR4Y2RHeWk2TzNyVkhMa1JuZ0x0OGFWSm0zTDVlejk3UUg3Nm1qdjRYMzRDL2NyWVVKYW9mVWVMMHBlbzQ1UWREM2ZKZmNNQ0VFaUNyYWZZcFRNN25CakhxWG1TUDU3dHBGTU9IM0JTTU9RKzdvTU1RcFcvRkhKZHNpVVp6Q2hkMDMxQlVWTk93dUVENUl2NFNZVWdiWGpRPXw&cppv=2
Request Chain 62
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 67
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&gdprString=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=cndRsnxod2VxZUhLaU5lK1NkRnNMbCtDWWwwT1RQTUFpcENMeDhOcytEUGRMOWRGRzg4dTJvUXREOW50S29PMWRDcm43QW9xT0VGcEhzakw4a0Y0YXg5cE1TZEgza2FOTnIwMzA5MmVTWlJDcTN3aWwvSjBoVXF3azlIbmJDRW5ldDRxSGE0bWkrc2k2OUI4b2E4aHRHSTk5TlB4M0V5bkd4SU13Z1M2RmVSenhvSXltbllHc1BQUlVIakwvQXpDMWxTS21uQW1oT2JzbnZxTWxHZkVqdzQ4YzdGWm9ZeHdXYU0xaGhtQnFZNFN6T2pJPXw&cppv=2
Request Chain 81
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 110
  • https://lv.adocean.pl/_1603910014966/ad.js?id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200 HTTP 301
  • https://lv.adocean.pl/__/_1603910014966/ad.js?id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200 HTTP 301
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1603910015%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7%2Fx%3D1600%2Fy%3D1200 HTTP 301
  • https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1603910015%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7%2Fx%3D1600%2Fy%3D1200 HTTP 301
  • https://lv.adocean.pl/__/_1603910015/ad.js?hclsdata=&hcudata=krVnsVj8ITljoVE0koli5n.9OZryT2at4HWQ1PfDIjj..7&id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200
Request Chain 124
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Request Chain 126
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 131
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Request Chain 162
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&bundle=6aQNt182Qmd1SXYyc3lnY2IwMnZTcUNoTmVGV1NBZjVwb2UlMkZqTW15eWNld3hxYWlySFBNbVk1dzVlbHo4OGYlMkY4V3NlejdqZHAlMkJYOFk3dnd5bnQ5UEFQcmVwWHlYTjFncEhJaGJYOGtOa255bXM4TjlIQXFGM2NZb1IlMkJyRm11cVFNcEIlMkY&gdprString=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=tMOFtHxOK1ZwcUsxTEF0UjhWUmFMbngwUGI4QXptMFU3STFWOXFZSnFzZXJDREhsMW8wZ1MrcHllaEEzdjM1TEU1c0s5clNNNlAxVUlZRjdVZ1dvV243RFpRRFdaRnRVc0RZTHk4aGtIRkVuMGtYUmp2dVlqVy9wU3c3MHVXRG4rYlU5SDBTeDVZVVhwdU1yVjhML25PRjgxakVlWEIwZjJadTN5QlYxUmRtTWp4R240ODRoQ1JlbTBSVnJ1TEFPWlRBajBQMDRkdzg1OHpLTEVHRVdOT2UwclRZelJjakVMeDU4L2x5S3pOT2Z0aGQ4PXw&cppv=2
Request Chain 176
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 186
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Request Chain 187
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_trk_aid=469042027;dc_trk_cid=133351454;pb=value;ord=45342;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLP0krb21-wCFQfHuwgdW5gBAQ;dc_trk_aid=469042027;dc_trk_cid=133351454;pb=value;ord=45342;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 223
  • https://x.bidswitch.net/sync?ssp=adform HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
  • https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_user_id=605b88fa-62f9-4be0-8a62-cb850d418c3c&bsw_param=605b88fa-62f9-4be0-8a62-cb850d418c3c HTTP 302
  • https://rtb.4finance.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_user_id=605b88fa-62f9-4be0-8a62-cb850d418c3c&bsw_param=605b88fa-62f9-4be0-8a62-cb850d418c3c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=159&expires=14&user_id=f1b2fc6e-a4a8-4e5a-800a-c1f6d5ae0f2c&ssp=adform&user_group=&bsw_param=605b88fa-62f9-4be0-8a62-cb850d418c3c HTTP 302
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=605b88fa-62f9-4be0-8a62-cb850d418c3c&adform_v=1
Request Chain 224
  • https://d5p.de17a.com/getuid/adform?url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d7%26adform_pc%3d HTTP 302
  • https://d5p.de17a.com/getuid/adform;c?url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d7%26adform_pc%3d HTTP 302
  • https://cm.adform.net/pixel?adform_pid=7&adform_pc=7871467943501614992
Request Chain 225
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=5062301763140123652
Request Chain 226
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=a7309d3d-3dec-4421-820d-da87d55eb13c
Request Chain 247
  • https://ad.doubleclick.net/ddm/trackimp/N137008.1932310LIGHTREACTION/B24499893.286006679;dc_trk_aid=479804323;dc_trk_cid=140227115;ord=22306;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N137008.1932310LIGHTREACTION/B24499893.286006679;dc_pre=CJL_trb21-wCFZfAuwgdvAYFqg;dc_trk_aid=479804323;dc_trk_cid=140227115;ord=22306;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D
Request Chain 252
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&bundle=6mAqH182Qmd1SXYyc3lnY2IwMnZTcUNoTmVQbDBiZDl4SjRPakZKT1lZS2dsSGRqNEJjM1V6YXRPcXY0UXpUUW80ckhESmY5M2dBb1F1amt5U1h6NkRBZVlKOHp2NlpVTFZHTFJZZlVmV1Nra3FCJTJGbmo3YmdKJTJCaHB4anp1S1NjMG9TSjU&gdprString=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Jwd6lHxsNXhha1o5dndhbEE2SDhxTzhlcEcyeXV0RFJjVDNGejEvWlFxMEtJR3ZhUzh2UE9MZFNPelJGdERQRDYwRktrZGgyMWhRRmFLRkNMSDNvTlZvZ0pmSGt0bElta25Ib243UjlYa1FFRzZMSXZXcVNQaTNsUFRPWVFmQ3RqUjRXZGo2L2NuNUs0aUxKeGRxNlU0SW1XL1ZTOUVSeGlaOW80enFabHNZc0NGakppUFUzSGI4Rlh1VFFpZTk1VVhzS0lIUmVnVmlPK0I2bi95emN5b0pmNkpVSFRDMFhNZzBHZTRpTTZQTmdHU3lNPXw&cppv=2
Request Chain 266
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 279
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Request Chain 344
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

349 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
webfonts.ffonts.net/ 		47 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
1b368b0a6e9a8d90b9eaf360d103911e1283d56cd10335b50c4ced50f8ca053f

Request headers

:method
GET
:authority
webfonts.ffonts.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:33 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=18bekbpokoqvfplqsosknmplp7; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
9824
content-type
text/html; charset=UTF-8
index.php
webfonts.ffonts.net/ 		519 B
227 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113639
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
3fe02b8e7f073a302175485480af6cab3d91c289f87275c013517e5bf2a0f256

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		449 B
229 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113638
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
540a649cba95031724d80b114ffef5da41d1eba3e14c51c0aef219930f575a87

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		549 B
230 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113637
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
91e2868f405f4fc36169b88a7ba3600f1c8bbf0fd22c769db27cdeb32f2c7e2d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		459 B
223 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113636
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
12a0f699f4e5d70b306e327cf7df01f3ed65552e839c0168a719f1c6f5b943bc

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		539 B
231 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113635
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
9619286ca63437be4366ffcabdda51fc3a25cf724c4e670662d5e2ee888d1468

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		649 B
241 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113634
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
b0854b1c4dfe8e249d2561fe242f9b2cb82518eaaaa49f26066ab3d37cca3273

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		459 B
223 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113633
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
61c4203c34972e9084420cff0562564eb984697a26a80864da0695d52686cef1

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		549 B
231 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113632
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
47e6e53d106e021829a1309561503b95b561de091f79b6a3169e411e5c4e0a22

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		619 B
240 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113631
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
935307555b3555e680e9f1a880a5bcb8dc31540ddd3a7bb1bf14dc03abcfaefa

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		549 B
232 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113630
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
6d60ff6a5eb3e6c098ec56a8c6b3fa40f4c6b98845b6a7ad1fce32dc09528804

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		459 B
223 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113629
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
451407bd5be95c5fa54b56c4f790ee03d9d7519f673b53a7124a8cd20810d556

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
webfonts.ffonts.net/ 		559 B
235 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/index.php?p=csss&id=113628
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips / PHP/5.5.38
Resource Hash
0ca5b4529fbe3b5121d49974e9c9ca6eacd961f634389fdcbea512356705e593

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
x-powered-by
PHP/5.5.38
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
914d25546feffca3d65b518c72d9abe0dd2c3d5ba4228426353a22d7a87a079c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"677 / 554 of 1000 / last-modified: 1603883774"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17731
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:33 GMT
jsall.2.min.js
d144mzi0q5mijx.cloudfront.net/js/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d144mzi0q5mijx.cloudfront.net/js/jsall.2.min.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:9a00:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
bdc1370bff6faf8ff327841a1c3da8eb6e5e0c9743907031c32c7ce127371f11

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 23:38:52 GMT
content-encoding
gzip
age
4215281
x-cache
Hit from cloudfront
status
200
content-length
33238
last-modified
Wed, 22 Jul 2020 13:29:42 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
W-a2U8OZ2WSnPrkjl9RJtBs9JseiC5lkUIlBHsndHoejcYee2d8xrg==
expires
Thu, 09 Sep 2021 23:38:52 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 12:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21864
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 12:29:09 GMT
mini.10.css
d144mzi0q5mijx.cloudfront.net/css/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d144mzi0q5mijx.cloudfront.net/css/mini.10.css
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:9a00:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
1c79c62dba9212041721d3b2eb3802b249a514ccf890f33ae81a729273ddb1bd

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 19 Sep 2020 00:54:55 GMT
content-encoding
gzip
age
3433118
x-cache
Hit from cloudfront
status
200
content-length
4451
last-modified
Tue, 09 Jul 2019 08:01:47 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
text/css
via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
cache-control
max-age=31104000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
aFtacHZF-WR5lgJ3IDcwQXvixeyS5p5hNH5oEkNwidZ1E38BCX0kWw==
expires
Tue, 14 Sep 2021 00:54:55 GMT
logo.svg
d144mzi0q5mijx.cloudfront.net/i/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d144mzi0q5mijx.cloudfront.net/i/logo.svg
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:9a00:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
e3950981f211d59704e4a7b56aeb78193759f8a097e64d19b1e3232c593f3b3b

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 19:25:44 GMT
content-encoding
gzip
age
5008069
x-cache
Hit from cloudfront
status
200
content-length
1792
last-modified
Wed, 29 Mar 2017 21:27:09 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
cache-control
max-age=31104000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
1l4_aMFIuzmR6nkX39-NjLmDQvgeKDMvqOFGr2IPJb_JQ0XgLShpEw==
expires
Thu, 26 Aug 2021 19:25:44 GMT
ui.svg
d144mzi0q5mijx.cloudfront.net/i/ 		21 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d144mzi0q5mijx.cloudfront.net/i/ui.svg
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:9a00:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
f6bbbc58328e644c5eba7be1d2bfecf2ec07d38c33ba1b8cf9e8e8d8ed383e83

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 28 Sep 2020 09:26:34 GMT
content-encoding
gzip
age
2624819
x-cache
Hit from cloudfront
status
200
content-length
6968
last-modified
Wed, 29 Mar 2017 21:12:07 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
cache-control
max-age=31104000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
x-amz-cf-id
755NiUI8Nmmj029cCabajSagDbGHrrLfMrw8RYL9T7eNR2sgk7nAfw==
expires
Thu, 23 Sep 2021 09:26:34 GMT
adx
pubads.g.doubleclick.net/gampad/ 		53 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/ffonts.net_300x600_left_sticky_DFP&sz=300x600&t=Placement_type%3Dserving&1603910013905
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
4a60ba861a47e942b7aaa7b256331658bc93e4b371246e866fda52f53fb78f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12769
x-xss-protection
0
google-lineitem-id
5435899422
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138326350371
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Coronaviral.ttf.woff
webfonts.ffonts.net/webfonts/C/O/Coronaviral/ 		913 KB
920 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/C/O/Coronaviral/Coronaviral.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
a3ca893f25ef08a8ab26b227e36dcdd608cfe8521b6cb7c824283045e9d9636d

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113639
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:33 GMT
last-modified
Wed, 28 Oct 2020 03:48:10 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
935008
expires
Sat, 23 Oct 2021 18:33:33 GMT
Faun.ttf.woff
webfonts.ffonts.net/webfonts/F/A/Faun/ 		1 MB
1 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/F/A/Faun/Faun.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113638
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
2bda8123ba5973467277113283ab951c518d061c704e239c70cf8667c5af8345

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113638
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:33 GMT
last-modified
Wed, 28 Oct 2020 03:48:13 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
1241876
expires
Sat, 23 Oct 2021 18:33:33 GMT
Faun-Ornaments.ttf.woff
webfonts.ffonts.net/webfonts/F/A/Faun-Ornaments/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/F/A/Faun-Ornaments/Faun-Ornaments.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113637
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
e46d1082e6ede3dcf781933f1ec4e3e04a1d1e92577450a40a2e4b65a57c5dff

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113637
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:33 GMT
last-modified
Wed, 28 Oct 2020 03:48:08 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
63528
expires
Sat, 23 Oct 2021 18:33:33 GMT
pubads_impl_2020102201.js
securepubads.g.doubleclick.net/gpt/ 		274 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 08:43:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98380
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
KBWitchingHour1.ttf.woff
webfonts.ffonts.net/webfonts/K/B/KBWitchingHour1/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/K/B/KBWitchingHour1/KBWitchingHour1.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
e0288edee1b7a3ad96aca4e0456499703708f9f42fe8b9204efab586d6228586

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113628
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Mon, 26 Oct 2020 03:48:08 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
38684
expires
Sat, 23 Oct 2021 18:33:34 GMT
Meows.ttf.woff
webfonts.ffonts.net/webfonts/M/E/Meows/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/M/E/Meows/Meows.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113629
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
b54b0821a9b263ead03428ba44cd607ef3b57206efc90920a241ef389c80add3

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113629
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Mon, 26 Oct 2020 03:48:10 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
38580
expires
Sat, 23 Oct 2021 18:33:34 GMT
Combat-Regular.ttf.woff
webfonts.ffonts.net/webfonts/C/O/Combat-Regular/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/C/O/Combat-Regular/Combat-Regular.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
4706fafdf707a64e8443b9701e20cfcb6b24700709ab327c78119c50f73b0ffb

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113630
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Mon, 26 Oct 2020 09:48:07 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
18976
expires
Sat, 23 Oct 2021 18:33:34 GMT
Combat-Hollow-Regular.ttf.woff
webfonts.ffonts.net/webfonts/C/O/Combat-Hollow-Regular/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/C/O/Combat-Hollow-Regular/Combat-Hollow-Regular.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113631
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
5a93875f4dd8d90dae1b92019c2f104f05dc34088f34f058ce2988cf5dcba49b

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113631
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Mon, 26 Oct 2020 09:48:10 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
16592
expires
Sat, 23 Oct 2021 18:33:34 GMT
QuantumRegular.ttf.woff
webfonts.ffonts.net/webfonts/Q/U/QuantumRegular/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/Q/U/QuantumRegular/QuantumRegular.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
6c2f7c09a864e6b1deae5d77511cac5bf2b8a9bfe67eba214247b9592412b600

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113632
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Mon, 26 Oct 2020 09:48:12 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
10820
expires
Sat, 23 Oct 2021 18:33:34 GMT
Pinen.ttf.woff
webfonts.ffonts.net/webfonts/P/I/Pinen/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/P/I/Pinen/Pinen.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113633
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
459ffa398cdc28cafd4e8174affa96c36b4808061cf009106c15ae039f8b87ba

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113633
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Tue, 27 Oct 2020 03:48:08 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
35000
expires
Sat, 23 Oct 2021 18:33:34 GMT
Petals-And-Vines-Regular.ttf.woff
webfonts.ffonts.net/webfonts/P/E/Petals-And-Vines-Regular/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/P/E/Petals-And-Vines-Regular/Petals-And-Vines-Regular.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113634
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
cafd752fedd4e9850fbcf731d6cfa87e06a334c89373f1e923cee75b789dc8db

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113634
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Tue, 27 Oct 2020 03:48:10 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
29788
expires
Sat, 23 Oct 2021 18:33:34 GMT
Flowa-Regular.ttf.woff
webfonts.ffonts.net/webfonts/F/L/Flowa-Regular/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/F/L/Flowa-Regular/Flowa-Regular.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113635
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
2f1a6ba3a642e4a67afc21c10eed6dad6970e068b7f55070503ee561456615e1

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113635
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Tue, 27 Oct 2020 09:48:08 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
41632
expires
Sat, 23 Oct 2021 18:33:34 GMT
Flowa.ttf.woff
webfonts.ffonts.net/webfonts/F/L/Flowa/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webfonts.ffonts.net/webfonts/F/L/Flowa/Flowa.ttf.woff
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/index.php?p=csss&id=113636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.234.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.234.216.95.clients.your-server.de
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
24e45114e890671ba0e6fd7df20141fe44703220b8348e66e5ef34f0c9833371

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://webfonts.ffonts.net/index.php?p=csss&id=113636
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
last-modified
Tue, 27 Oct 2020 09:48:10 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
vary
User-Agent
content-type
application/font-woff
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
66636
expires
Sat, 23 Oct 2021 18:33:34 GMT
adx
pubads.g.doubleclick.net/gampad/ 		53 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/ffonts.net_160x600_sticky_DFP&sz=160x600&t=Placement_type%3Dserving&1603910013993
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
69fcd7e7d3bf4f10edf22405f55b980c6855fd26f8bcb461a8da2116df13b029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12743
x-xss-protection
0
google-lineitem-id
5381648375
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138326322371
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
4666
date
Wed, 28 Oct 2020 17:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 28 Oct 2020 19:15:48 GMT
css
fonts.googleapis.com/ 		811 B
488 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400&display=swap
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10c9d0508882f4ae74af996a9f135420de2bb28da4965e20b25718b0230b0a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Oct 2020 18:28:16 GMT
server
ESF
date
Wed, 28 Oct 2020 18:33:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Oct 2020 18:33:34 GMT
flags_2x.png
d144mzi0q5mijx.cloudfront.net/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d144mzi0q5mijx.cloudfront.net/i/flags_2x.png
Requested by
Host: d144mzi0q5mijx.cloudfront.net
URL: https://d144mzi0q5mijx.cloudfront.net/css/mini.10.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:9a00:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips /
Resource Hash
69ada733de1303defaf9f14aa858c5e2088f7b976af2e62a6f7932af840b28fc

Request headers

Referer
https://d144mzi0q5mijx.cloudfront.net/css/mini.10.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 15:44:28 GMT
via
1.1 9569de78dc2ca85c5ba29cb17f0eb7ce.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2017 21:23:34 GMT
server
Apache/2.4.34 (Red Hat) OpenSSL/1.0.2k-fips
age
3984546
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31104000
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
3593
x-amz-cf-id
CpMb1LjvgMrsg_pZsEIPMiwQMV3CjphEoFsD6AHe-hu4H-5PN4GUMQ==
expires
Tue, 07 Sep 2021 15:44:28 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://fonts.googleapis.com/css?family=Lato:400&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 23:28:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:59 GMT
server
sffe
age
68729
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Wed, 27 Oct 2021 23:28:05 GMT
stpd200611_2.js
cloud.setupad.com/postbid/ Frame C4FC 		700 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.setupad.com/postbid/stpd200611_2.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
0b9fd46f854150452d9515658f7accd06a854ff7b12773fe7f1f555c13b45f65

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 23:58:27 GMT
content-encoding
gzip
age
1190107
status
200
alt-svc
clear
content-length
228837
access-control-allow-origin
*
last-modified
Tue, 04 Aug 2020 12:49:23 GMT
server
nginx/1.14.1
etag
W/"5f295953-aee68"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 google
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 13 Nov 2020 23:58:27 GMT
stpd200611_2.js
cloud.setupad.com/postbid/ Frame DEB7 		700 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.setupad.com/postbid/stpd200611_2.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
0b9fd46f854150452d9515658f7accd06a854ff7b12773fe7f1f555c13b45f65

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 23:58:27 GMT
content-encoding
gzip
age
1190107
status
200
alt-svc
clear
content-length
228837
access-control-allow-origin
*
last-modified
Tue, 04 Aug 2020 12:49:23 GMT
server
nginx/1.14.1
etag
W/"5f295953-aee68"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 google
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 13 Nov 2020 23:58:27 GMT
collect
www.google-analytics.com/j/ 		4 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1842426330&t=pageview&_s=1&dl=https%3A%2F%2Fwebfonts.ffonts.net%2F&ul=en-us&de=UTF-8&dt=100%2C000%2B%20Free%20WebFonts%20%7C%20Download%20Now%20-%20FFonts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1710475239&gjid=1806494406&cid=2141877335.1603910014&tid=UA-9036721-1&_gid=2132699192.1603910014&_r=1&_slc=1&z=245191558
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4244130098010479&correlator=36702275467645&output=ldjh&impl=fifs&eid=21062970%2C21064170%2C21067753&vrg=2020102201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201028&iu_parts=12900770%2CFF_728x90_top%2CFF_728x90_new_home%2CFF_336x280_new%2CFF_bottom%2CFF_300x600_left_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C728x90%2C336x280%2C970x250%2C300x600%7C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1603910014&dt=1603910014292&dlt=1603910013569&idt=700&frm=20&biw=1600&bih=1200&oid=3&adxs=501%2C503%2C503%2C315%2C177&adys=100%2C2017%2C1102%2C5229%2C3220&adks=3766281543%2C685722555%2C224857727%2C3483703694%2C462831078&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&dssz=20&icsg=2720&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=801x90%7C801x94%7C801x284%7C1600x250%7C288x600&msz=728x-1%7C728x-1%7C797x280%7C1600x250%7C288x600&ga_vid=2141877335.1603910014&ga_sid=1603910014&ga_hid=1842426330&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
d1005e9ec2f2d69f1a58c50aac371caff3f47220550bd8f66af8ca0cc56f850f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20964
x-xss-protection
0
google-lineitem-id
-1,48672010,-1,4623190935,5132492528
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,26564369050,-1,138229015204,138276912635
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
210270c03f63a4a5bd1e884e909a2c9f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://210270c03f63a4a5bd1e884e909a2c9f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
collect
stats.g.doubleclick.net/j/ 		1 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-9036721-1&cid=2141877335.1603910014&jid=1710475239&gjid=1806494406&_gid=2132699192.1603910014&_u=IEBAAEAAAAAAAC~&z=1000819307
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 28 Oct 2020 18:33:34 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ Frame DEB7 		450 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1231
status
200
x-amz-request-id
BC829EFC67C113E0
x-amz-id-2
YuietsERp1A20eDVToZdly/QsbWddZhL4SwU8rXgJle1qqRlmnbj6gkVkyfomsFFH9pstqFUOIA=
last-modified
Mon, 14 Sep 2020 09:32:14 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jqj4Xce46nx%2F862RPMT6iaWBPvUcncqqA%2BdXtKihUz8m%2BYYNCarqoNpuldv5CV9gsf7A%2BqGNcbTEMAj8jBMKpwKk9pwrO3xu%2F3ICHI%2FxTKYa3AxeZbxZeipatw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
061215ae670000dfad95a46000000001
cf-ray
5e96bef7085cdfad-FRA
apstag.js
c.amazon-adsystem.com/aax2/ Frame DEB7 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:31:29 GMT
content-encoding
gzip
server
Server
age
124
etag
14b87a812615d68493a97e70b7b323fb
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ywOPrVIS7_jrqRz9ggIT3lxfJ324R1bkQomaMc2CIaZ8Guueeb6HGg==
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js/ Frame DEB7 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
344ac8dd67fccdbb055b05cdd7a105e33787edfaf7fff614817f69ff99ab9474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"677 / 359 of 1000 / last-modified: 1603883841"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17896
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
sid
mug.criteo.com/ Frame DEB7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&gdprString=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjh...
  • https://mug.criteo.com/sid?cpp=hztDCnx3RmRTNGxHTVo3bmVWV2xIRG84TmE0OVBrYU5hc2haMGlFanFGQ1FIbkFPL21NTDBuQ1oyK05Iai91dzQ1ZEI1U284SXYyS0xEQ0VFampRZ08rTnR4Y2RHeWk2TzNyVkhMa1JuZ0x0OGFWSm0zTDVlejk3UUg3Nm...
347 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hztDCnx3RmRTNGxHTVo3bmVWV2xIRG84TmE0OVBrYU5hc2haMGlFanFGQ1FIbkFPL21NTDBuQ1oyK05Iai91dzQ1ZEI1U284SXYyS0xEQ0VFampRZ08rTnR4Y2RHeWk2TzNyVkhMa1JuZ0x0OGFWSm0zTDVlejk3UUg3Nm1qdjRYMzRDL2NyWVVKYW9mVWVMMHBlbzQ1UWREM2ZKZmNNQ0VFaUNyYWZZcFRNN25CakhxWG1TUDU3dHBGTU9IM0JTTU9RKzdvTU1RcFcvRkhKZHNpVVp6Q2hkMDMxQlVWTk93dUVENUl2NFNZVWdiWGpRPXw&cppv=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ae448ed86f855dbee507852d7073abb4c52d985c105fc1b91d5840144812aeb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Oct 2020 18:33:33 GMT
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1144
content-length
347
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
status
302
date
Wed, 28 Oct 2020 18:33:34 GMT
location
https://mug.criteo.com/sid?cpp=hztDCnx3RmRTNGxHTVo3bmVWV2xIRG84TmE0OVBrYU5hc2haMGlFanFGQ1FIbkFPL21NTDBuQ1oyK05Iai91dzQ1ZEI1U284SXYyS0xEQ0VFampRZ08rTnR4Y2RHeWk2TzNyVkhMa1JuZ0x0OGFWSm0zTDVlejk3UUg3Nm1qdjRYMzRDL2NyWVVKYW9mVWVMMHBlbzQ1UWREM2ZKZmNNQ0VFaUNyYWZZcFRNN25CakhxWG1TUDU3dHBGTU9IM0JTTU9RKzdvTU1RcFcvRkhKZHNpVVp6Q2hkMDMxQlVWTk93dUVENUl2NFNZVWdiWGpRPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
947
content-length
482
expires
0
v1
dmx.districtm.io/b/ Frame DEB7 		0
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
cf-ray
5e96bef7fd3ad919-AMS
access-control-allow-headers
Content-Type, Origin
cf-request-id
061215aef80000d919cba05000000001
bid
ap.lijit.com/rtb/ Frame DEB7 		24 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0-pre
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b8b96b8d7582df81cedf4263b2750d647d9fd197a2f8c6709e12ba92e7e66006

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:34 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
arj
setupad-d.openx.net/w/1.0/ Frame DEB7 		638 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwebfonts.ffonts.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=bc578441-4073-4427-a5de-562350e9247a&nocache=1603910014587&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&gdpr=1&x_gdpr_f=1&pubcid=35a81b29-dcd8-4e78-8b3b-1ae514d95d36&schain=1.0%2C1!setupad.com%2C67%2C1%2C%2C%2C&aus=160x600%2C120x600%2C140x600&divIds=div-custom-ad-1603910014183-0&auid=541157896
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash
cfceeeb1ead2e66baeac3749e3fdba6126093f5663bf1ddacb60d21248e543b9

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
server
OXGW/16.196.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
487
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame DEB7 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8ff9a415dbd14965ec75e5113023ad9161b26ac1de694fa303591c141ec8d070

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
date
Wed, 28 Oct 2020 18:33:34 GMT
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DEB7 		259 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=179158&zone_id=1010108&size_id=9&alt_size_ids=8&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&rp_schain=1.0,1!setupad.com,67,1,,,&rf=https%3A%2F%2Fwebfonts.ffonts.net%2F&tk_flint=pbjs_lite_v3.23.0-pre&x_source.tid=bc578441-4073-4427-a5de-562350e9247a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8440640931544336
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3c2e77bcc0f73e6b70dd09b4c2d383c6a85a8f2e29ecd6bc987cd8717d76d950

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame DEB7 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.29 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:34 GMT
x-smrt-d
6%3b6%3b83
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
cygnus
as-sec.casalemedia.com/ Frame DEB7 		24 B
1011 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=268776&v=7.2&r=%7B%22id%22%3A%221358a2a07cbfef%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22143913008dc9e15%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_160x600_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2215108efee27edd8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_160x600_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22160e7bc24fcc51d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_160x600_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A140%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwebfonts.ffonts.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%2267%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b8f2895822ad7220579aaefc48ceef31a36829201e949c9df1e5e9a038f7c7d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Wed, 28 Oct 2020 18:33:34 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame DEB7 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:34 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://webfonts.ffonts.net
access-control-max-age
3600
access-control-allow-methods
POST
/
adx.adform.net/adx/ Frame DEB7 		5 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNjA5NyZ0cmFuc2FjdGlvbklkPWJjNTc4NDQxLTQwNzMtNDQyNy1hNWRlLTU2MjM1MGU5MjQ3YQ%3D%3D&pt=gross&stid=fc2cf1ff-6b8d-46ac-913a-d0ed2d7ef575&gdpr=true&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&fd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:34 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
prebid
ib.adnxs.com/ut/v3/ Frame DEB7 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
AN-X-Request-Uuid
02f7da45-ab85-4cdf-bf18-f0459a6d8b48
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame DEB7 		19 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid
39280197-54ad-41ac-9532-ba6723c52d40
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ Frame DEB7 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1603910014597&src=pbjs
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:34 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
cdb
bidder.criteo.com/ Frame DEB7 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0-pre&cb=68068799882
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:33 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://webfonts.ffonts.net
timing-allow-origin
*
vary
Origin
usync.html
eus.rubiconproject.com/ Frame 2497
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:34 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Wed, 28 Oct 2020 18:33:34 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
adagio.js
script.4dex.io/ Frame DEB7 		64 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2F91EC5F71DD0A0E
status
200
access-control-allow-methods
GET
x-amz-id-2
hVXZsur1ndMPmF61Q3B8z/zm8RHCGASs1xWEVm1ATwtZgxjw2nlPejgmEqRt3US+Zxb8k+VZ4Sw=
last-modified
Mon, 14 Sep 2020 09:32:12 GMT
server
cloudflare
etag
W/"71c0e5f7067bdadc5d565e8027f77ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oEVAl2ymT9sIFnB5Lw3%2B%2Bdu4mvcmHT6Y17qkfOqFwnyX12yEywbRmwOhyrCNKkajBncR6g77Pe42LDTYiSMK93nkjalCJnZdg9uPqyV5tq4SeBStDFbAXwseEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
061215aea800000eaf22b0c000000001
cf-ray
5e96bef77e340eaf-FRA
localstore.js
script.4dex.io/ Frame C4FC 		450 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1231
status
200
x-amz-request-id
BC829EFC67C113E0
x-amz-id-2
YuietsERp1A20eDVToZdly/QsbWddZhL4SwU8rXgJle1qqRlmnbj6gkVkyfomsFFH9pstqFUOIA=
last-modified
Mon, 14 Sep 2020 09:32:14 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=er34gFxoRNCOWIpZm51ljxPxuwm1EIfIm47DO190QBVv24GJEe9%2Fnz8Qr4ia3KRu6RQ5y0CXAHcDdaDVpYi7DjA7UmurHjY78w3Zbs7XxVBzDaSICa7hRjIhvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
061215af240000dfad9eb1b000000001
cf-ray
5e96bef83adbdfad-FRA
apstag.js
c.amazon-adsystem.com/aax2/ Frame C4FC 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:31:29 GMT
content-encoding
gzip
server
Server
age
124
etag
14b87a812615d68493a97e70b7b323fb
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
nbdULrdvyeFAtPG9Dd6AcnR7IV07-oWVlf80nm0AJk8Jy-SgR1A4Iw==
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js/ Frame C4FC 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
914d25546feffca3d65b518c72d9abe0dd2c3d5ba4228426353a22d7a87a079c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"677 / 833 of 1000 / last-modified: 1603883774"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17731
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
sid
mug.criteo.com/ Frame C4FC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&gdprString=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjh...
  • https://mug.criteo.com/sid?cpp=cndRsnxod2VxZUhLaU5lK1NkRnNMbCtDWWwwT1RQTUFpcENMeDhOcytEUGRMOWRGRzg4dTJvUXREOW50S29PMWRDcm43QW9xT0VGcEhzakw4a0Y0YXg5cE1TZEgza2FOTnIwMzA5MmVTWlJDcTN3aWwvSjBoVXF3azlIbm...
350 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=cndRsnxod2VxZUhLaU5lK1NkRnNMbCtDWWwwT1RQTUFpcENMeDhOcytEUGRMOWRGRzg4dTJvUXREOW50S29PMWRDcm43QW9xT0VGcEhzakw4a0Y0YXg5cE1TZEgza2FOTnIwMzA5MmVTWlJDcTN3aWwvSjBoVXF3azlIbmJDRW5ldDRxSGE0bWkrc2k2OUI4b2E4aHRHSTk5TlB4M0V5bkd4SU13Z1M2RmVSenhvSXltbllHc1BQUlVIakwvQXpDMWxTS21uQW1oT2JzbnZxTWxHZkVqdzQ4YzdGWm9ZeHdXYU0xaGhtQnFZNFN6T2pJPXw&cppv=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
b69c2418674850660f99224ad0ba74637595ff1a7ae6de42c1d99c3ba78585cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Oct 2020 18:33:34 GMT
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1037
content-length
350
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
status
302
date
Wed, 28 Oct 2020 18:33:34 GMT
location
https://mug.criteo.com/sid?cpp=cndRsnxod2VxZUhLaU5lK1NkRnNMbCtDWWwwT1RQTUFpcENMeDhOcytEUGRMOWRGRzg4dTJvUXREOW50S29PMWRDcm43QW9xT0VGcEhzakw4a0Y0YXg5cE1TZEgza2FOTnIwMzA5MmVTWlJDcTN3aWwvSjBoVXF3azlIbmJDRW5ldDRxSGE0bWkrc2k2OUI4b2E4aHRHSTk5TlB4M0V5bkd4SU13Z1M2RmVSenhvSXltbllHc1BQUlVIakwvQXpDMWxTS21uQW1oT2JzbnZxTWxHZkVqdzQ4YzdGWm9ZeHdXYU0xaGhtQnFZNFN6T2pJPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1008
content-length
482
expires
0
/
adx.adform.net/adx/ Frame C4FC 		5 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg1MjE3NiZ0cmFuc2FjdGlvbklkPTUxM2Q5Y2Y0LTg1NzUtNDQ1Ni04MTQwLTUxNTJjZWYxMzNmOA%3D%3D&pt=gross&stid=d49c2767-a4d9-4e22-908b-80348e3ba772&gdpr=true&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&fd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:34 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
cdb
bidder.criteo.com/ Frame C4FC 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0-pre&cb=21811778602
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:34 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://webfonts.ffonts.net
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C4FC 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=179158&zone_id=1796568&size_id=15&alt_size_ids=9%2C8%2C10%2C17%2C32%2C48%2C126%2C179&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&rp_schain=1.0,1!setupad.com,67,1,,,&rf=https%3A%2F%2Fwebfonts.ffonts.net%2F&tk_flint=pbjs_lite_v3.23.0-pre&x_source.tid=513d9cf4-8575-4456-8140-5152cef133f8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6490000084626062
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
59cf6e2f83ceefb87beb2defc2dc658530b453841de003a6906b7451489e614f

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
2278
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C4FC 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
eee07802-9f9c-46f0-81d1-249d65dc8f45
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame C4FC 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid
55e482d4-3e8f-4af7-8b34-2b4db19410a6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame C4FC 		25 B
1010 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=268776&v=7.2&r=%7B%22id%22%3A%2211f1f155f8b573e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22129ee5b5f211fc3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2213fac34f2baf311%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221429533a9aebe4d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221551598d059322e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22162e0c3aac0d624%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2217e0a52d3fe14a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221887e57e92981cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2219a35caf88399f4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A500%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22205d244cf33b1f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A360%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2221056c41f629bb4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A500%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2222c1e2b33355242%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22233d80a5f21c6a8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600_left_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwebfonts.ffonts.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%2267%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5fe72bda37b4c28c3d9ff4480b8cbb95c7a175da58e93a74f55e85ca6a4b338

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
43
Expires
Wed, 28 Oct 2020 18:33:34 GMT
arj
setupad-d.openx.net/w/1.0/ Frame C4FC 		641 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwebfonts.ffonts.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=513d9cf4-8575-4456-8140-5152cef133f8&nocache=1603910014780&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&gdpr=1&x_gdpr_f=1&pubcid=35a81b29-dcd8-4e78-8b3b-1ae514d95d36&schain=1.0%2C1!setupad.com%2C67%2C1%2C%2C%2C&aus=300x600%2C300x250%2C300x300%2C160x600%2C250x600%2C120x600%2C240x400%2C240x500%2C250x360%2C250x500%2C200x600%2C240x600&divIds=div-custom-ad-1603910014178-0&auid=541185968
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash
4d0f14e212cb76b930899947d176e7a18e50915bf8525d7f66984b372a8828f1

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
server
OXGW/16.196.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
489
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ Frame C4FC 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
cf-ray
5e96bef88e54d919-AMS
access-control-allow-headers
Content-Type, Origin
cf-request-id
061215af5a0000d91928150000000001
/
hb.emxdgt.com/ Frame C4FC 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1603910014782&src=pbjs
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:34 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
v1
prg.smartadserver.com/prebid/ Frame C4FC 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.29 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:34 GMT
x-smrt-d
6%3b11%3b81
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
bid
ap.lijit.com/rtb/ Frame C4FC 		24 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0-pre
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
36b243216fd1584d1e478a3bfdfa73bbbd23974e69daae2af6914f4d7336d40b

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:34 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C4FC 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:34 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://webfonts.ffonts.net
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame C4FC 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
278695c821ecae8c06a9f6ef90dd299df9efdee6e217c1806b23f75129c1a4af

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
date
Wed, 28 Oct 2020 18:33:34 GMT
content-type
application/json
usync.html
eus.rubiconproject.com/ Frame 0288
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:34 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Wed, 28 Oct 2020 18:33:34 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ Frame DEB7 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
adagio.js
script.4dex.io/ Frame C4FC 		64 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
0
status
200
access-control-allow-methods
GET
x-amz-request-id
2F91EC5F71DD0A0E
x-amz-id-2
hVXZsur1ndMPmF61Q3B8z/zm8RHCGASs1xWEVm1ATwtZgxjw2nlPejgmEqRt3US+Zxb8k+VZ4Sw=
last-modified
Mon, 14 Sep 2020 09:32:12 GMT
server
cloudflare
etag
W/"71c0e5f7067bdadc5d565e8027f77ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CK4EVyEF8DAly0rhYj5yzfMr4JPoRVqrRENUog81BCZRKUAAAstyBLvmTREVILiqZH8TAejjBqNjTBQy7Vhg1PaDGH%2FwJftDlIpSUfsmraLZ16Dzde7LGbhQIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
061215af6700000eaf45acd000000001
cf-ray
5e96bef8a8880eaf-FRA
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame DEB7 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 17:48:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
2686
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 30 Sep 2020 05:43:29 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
5Lpaysi_6MSLpf5Of_adgUk262AltQIhS76zgQvEH7PTMel0X1l3aA==
bid
c.amazon-adsystem.com/e/dtb/ Frame DEB7 		579 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwebfonts.ffonts.net%2F&pid=DKX03NBjrTlbP&cb=0&ws=160x150&v=7.57.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%2C%22140x600%22%5D%2C%22sn%22%3A%22%2F147246189%2Fffonts.net_160x600_sticky%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7ae7ab415653bdf80c6980360130705da99ec86a4c8811539a2fff17127bfef8

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
444
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
_gJDFP5yaEUFYC87X9Hx7SHgW_qM4z6eqeuMaGZSCYrVRG3RTPhGkA==
amp4ads-v0.js
cdn.ampproject.org/rtv/012010200130000/ Frame CF69 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56832
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fc56d6feccb35077"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame CF69 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5337
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"daa4412bcb5a8fd6"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame CF69 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29527
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f91dfcaf1b61c8c5"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame CF69 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1792
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2c1d882225e4ba30"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame CF69 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14145
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"88dc985411e715a7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
css
fonts.googleapis.com/ Frame CF69 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Oct 2020 16:45:14 GMT
server
ESF
date
Wed, 28 Oct 2020 18:33:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Oct 2020 18:33:34 GMT
truncated
/ Frame CF69 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
875080666046d0d0c4381288fad193533ca5df43832f56dfe2ce8335ed754e51

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FCC9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9lAvaxfb7kBdwccKzxS6XySy06TrU6FAvj1L5p1vCs0Q31pKVwbAgvvLWB8TO3ALhZYxTHat_HqAFpjszDCALSWQDg4xUMFm5oqmLueCn2KmJlQz9ilmHX9M6d2dFUpfjO069ukZ8Kzi1xdvcmJBt2LTUEzFqnaKSg7GzJso642DYno3Mw1hWs-M5gPEfcllNXfZA_zzRq2h_4R9H4RAIfu-x9oX-lXO8kNPjcYosJV11gxCXk__e5qJpxYWIQPkzdbsTdg1XVPM-&sai=AMfl-YSCqvhrMEiA7Pd8B6j1xvs5sVIuU25vkBKvFvPTBv-QwEBEtHgExSD5nzDpkZOdPA6_MCJRiANDDNPYnx2RdXwuHZKg4m2TFSPHVgkpC_o9r0FHjerzpqsjlbv0UmU&sig=Cg0ArKJSzO-4dtthvm6LEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:34 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
tags.js
tags.expo9.exponential.com/tags/FFontsnet/ROS/ Frame FCC9 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/FFontsnet/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1d46cfa4bf4f482367f1acb413c25509d6c71611a280608006dfeb4062e804

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
status
200
content-length
13970
cf-request-id
061215b0180000d91da6327000000001
x-function
151
last-modified
Wed, 29 Apr 2020 03:44:15 GMT
server
cloudflare
x-reuse-index
34
etag
13843545850687342026
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
5e96bef9bca8d91d-AMS
expires
Wed, 28 Oct 2020 19:33:35 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame FCC9 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28777
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
l
www.google.com/ads/measurement/ Frame CF69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwqDvn5uerexC3Tw0eiLR6hnU3LRiJkgP0POIFH9OGtbHQURWeFcXJzZlK2wYUYogXt1ry
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame CF69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl7UPfrmZX9S9Gdjv3wP3o6u4Ddzf3Mtfj7jrqdAK4JrSr50SEAEgyPb7AWDp5MmF2BqgAePPmb8DyAEB4AIAqAMByAMKqgTsAU_QNMqtw3pZWmnm5GgWCaiNa66cf7Zb81R_LLAB_5HUSUWA_iCuPqa6s90lxstNyLYaNiIuXrMqGDZo1-cZpZoOkkM5Z-xMTT1AgdAmtiRDT5lxuzaf0ssnsBpg97uro8QSMUKlDNJKgKnIimj0pw5dAjiskmAV46xcr3eDVxwh8L64NBHhLeVOH_e3ac4gM1GAipnXx0RmTM3V8cMh4vfpgYfC6c6PctVw5PltZmBAnrYOxLwl9waVfuQgRdoz0XejusPyiIcJEfbQcJ9xJNq553eJs2b3E7NYi4jZ0KhxCTIbf9r_XSAUtlMdwASr3peTxQLgBAGSBQQIBBgBkgUECAUYBIAH3faTMKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCt2w7SCAkIgOGAUBABGB2ACgHICwGyDBRwdWItNzc2NjM0OTk0NzY4NzA5M8IMAggB2BMMiBQC&sigh=BhC_TI0Fq94&tpd=AGWhJmuxdtp8LYm-HQ3f9ABhRmhj8p1AXB37CLVinFuOpbW8bg
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012010200130000/ Frame 30E1 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56832
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fc56d6feccb35077"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 30E1 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5337
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"daa4412bcb5a8fd6"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 30E1 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29527
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f91dfcaf1b61c8c5"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 30E1 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1792
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2c1d882225e4ba30"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012010200130000/v0/ Frame 30E1 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012010200130000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
31267
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14145
x-xss-protection
0
server
sffe
date
Wed, 28 Oct 2020 09:52:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"88dc985411e715a7"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 09:52:27 GMT
css
fonts.googleapis.com/ Frame 30E1 		7 KB
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Oct 2020 18:27:20 GMT
server
ESF
date
Wed, 28 Oct 2020 18:33:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Oct 2020 18:33:34 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/15028931469782959449/ Frame 30E1 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15028931469782959449/2076313506083323656
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61a045b768e9e88af2f73f9ae55b360a4d6cd4f0c340f9ae3848078d9b48c4eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 19:58:54 GMT
x-content-type-options
nosniff
age
513280
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14107
x-xss-protection
0
last-modified
Fri, 17 May 2019 07:25:03 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Oct 2021 19:58:54 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1574186036640001249/ Frame 30E1 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1574186036640001249/downsize_200k_v1?w=300&h=300
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0340581cb591822ccc755f95c99a17bd274436b3728427d23975e8346067b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 00:49:12 GMT
x-content-type-options
nosniff
age
63862
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6580
x-xss-protection
0
last-modified
Thu, 06 Sep 2018 09:49:27 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Oct 2021 00:49:12 GMT
truncated
/ Frame 30E1 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 30E1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ccb355d306cb63591096659ac777a81f5d549afa1c464dcf1a5826f3180db49

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1035 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwXSBy-p_zScHxAENxA3lpqi4X6B0xprbQMppT-pOZH_jvInr7y-g_235B0jD6xXyY0kebKj1SUjciVQET1gFOGt3GMOKF7lVlmccuLFMTdQaf19ptHw2hiD_YXf5oRf4s2pE2SvzRyzw6G-b450IJw8nwFoqIDD3xgYrMBEIWuKbnxLCyCOruj2_2bqoA_QAkV_McuZkVFnWm_seGJaAVHeLYPL5f_v92YM224MOUgax67pqbeiUOzIxu_oywnsrtugQ&sai=AMfl-YTGBDFk_8Q0465tJ3L9iwW2KF5tqWWZaJS3YcZ1l4mo41oRntdKwK30zjejoSwnbNCXk2kE0q9ZgoSnRUvpcyZFJwAh-3aZQ8uAjBGj54ItZO_7rkehr2slKOLej6U&sig=Cg0ArKJSzHMUGuRJ25VHEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:34 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ad.js
lv.adocean.pl/__/_1603910015/ Frame 1035
Redirect Chain
  • https://lv.adocean.pl/_1603910014966/ad.js?id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200
  • https://lv.adocean.pl/__/_1603910014966/ad.js?id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200
  • https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1603910015%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7%2Fx...
  • https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1603910015%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3D0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7%...
  • https://lv.adocean.pl/__/_1603910015/ad.js?hclsdata=&hcudata=krVnsVj8ITljoVE0koli5n.9OZryT2at4HWQ1PfDIjj..7&id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200
56 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/__/_1603910015/ad.js?hclsdata=&hcudata=krVnsVj8ITljoVE0koli5n.9OZryT2at4HWQ1PfDIjj..7&id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
11ce91ee3846aee32bd4be6cc847e21e1aac91453e20411237743dfdf888bec0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
server
GAD
vary
Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
57141
expires
Tue, 27 Oct 2020 18:33:35 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
server
GHC
status
301
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://lv.adocean.pl/__/_1603910015/ad.js?hclsdata=&hcudata=krVnsVj8ITljoVE0koli5n.9OZryT2at4HWQ1PfDIjj..7&id=0UrnYq_ld1XaqUFm_Q24ju83jNSZKZBp82ppMplqsiH.o7/x=1600/y=1200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Tue, 27 Oct 2020 18:33:35 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 1035 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28777
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A0C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurbWH2DhlbejdPrOyb2IY48kv1sj8l2BOnstqh73dfLmoYQFSzoxZAbAvNXgHr8yWYQoQk3g3dR_oSTpdVc34acb-pkM2vm-vTZ5xbUR5wGopPwvr6_iHciTQ_yMmMh_xC0x24iBEHnqMnJiy-nf5lNkv7Mj3OApfTW3SJYhl6SPuSbrRsCfw9QJ9anSlb4qGiqb1orK4QsA1A7--02uxTNsegVMnuhfNLcgYSirvSs5H1JROpqBFqPjHtF84TlSHdbuXOMDF4k0Herbg&sai=AMfl-YTWK484RCYZXRJCKhPpJPmyoTGfJmYJXVpQghnMRaW_X2dzghFCGdatF1geZ3JB7Wh_c4Yy_d4frpoC7klhhD7Q875zI2WEHU24azMXj9iCoyiME_k-9qSVHpLRZLc&sig=Cg0ArKJSzHb1K7biof5DEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
tags.js
tags.expo9.exponential.com/tags/FFontsnet/ROS/ Frame A0C7 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/FFontsnet/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.5.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1d46cfa4bf4f482367f1acb413c25509d6c71611a280608006dfeb4062e804

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
status
200
content-length
13970
cf-request-id
061215b0190000d91dc090f000000001
x-function
151
last-modified
Wed, 29 Apr 2020 03:44:15 GMT
server
cloudflare
x-reuse-index
41
etag
13843545850687342026
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
5e96bef9bca9d91d-AMS
expires
Wed, 28 Oct 2020 19:33:35 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame A0C7 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28777
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 30E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBWdBfrmZX9W9Gdjv3wP3o6u4Deab5Mxe9uK-6OYHsJAfEAEgyPb7AWDp5MmF2BqgAdfDsOIDyAEJ4AIAqAMByAMKqgTyAU_Q2F4LsmXXq0X5Qh4CXOICcrfjD7oaHqYgU9m3BxAhoVL9ujQMinABOknIc1Bn9rK2-o_bgFI0zK2yzH9vIilV_UCT0PWzloog8XuBynZ8B2hhWDgMH80eMCzDQI6nw7bgVQIdH_FK34jpSIoczJBNIbj_n6psJ7_gqip_3LBx6mK4V-IkGWsY6fcgxv9u3kaGPI4TRhy-BC0Gdy8mlXvC8bwtgTzAoYAKFE3cQpQ1cFS7zB8-OlhZDw2j91R_Yooztov-fSk0P25Ka0YIbZcMRLb2r47Yu19bcEmnGwsVegzOvPcAJIL1tgVtbEH9iq0gwASFhKqX1gHgBAGSBQQIBBgBkgUECAUYBKAGLoAHs86DhwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ9coC0ggJCIDhgFAQARgdgAoByAsBsgwUcHViLTc3NjYzNDk5NDc2ODcwOTPCDAIIAdgTAg&sigh=KClUcB4oTUg&template_id=484&tpd=AGWhJmsNzRckPBYmfJU_vCo-iSvRR3XsQWoD8ATMuhC_1UoLyw
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ad4a7b77a8ed2067d348581f1b58bb185a2490384bc0cb0b9039a0fa4f407c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6694
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame CF69 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 08:32:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:18 GMT
server
sffe
age
381649
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14816
x-xss-protection
0
expires
Sun, 24 Oct 2021 08:32:46 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame CF69 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 09:05:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:26 GMT
server
sffe
age
34091
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
expires
Thu, 28 Oct 2021 09:05:24 GMT
pubads_impl_2020102201.js
securepubads.g.doubleclick.net/gpt/ Frame C4FC 		274 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 08:43:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98380
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C4FC 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 17:48:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
2686
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 30 Sep 2020 05:43:29 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
9c7uQZOE2N8YVpzkObukIe-uJzbuwMXoOqTNC_0CXRlZgkwJVEEj8A==
bid
c.amazon-adsystem.com/e/dtb/ Frame C4FC 		579 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwebfonts.ffonts.net%2F&pid=sdEQYgzzvYFne&cb=0&ws=300x150&v=7.57.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x300%22%2C%22160x600%22%2C%22250x600%22%2C%22120x600%22%2C%22240x400%22%2C%22240x500%22%2C%22250x360%22%2C%22250x500%22%2C%22200x600%22%2C%22240x600%22%5D%2C%22sn%22%3A%22%2F147246189%2Fffonts.net_300x600_left_sticky%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d9f5a7dc9243ef17d86d7723d62e639425b5ab6a04f19376e9f1b2852d170d05

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
444
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
Qp_8vBzo39bRCVq2iwHVTuEfI4cU9CyPIGf_-NekEHrOZJNWv6GgaQ==
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 30E1 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 23:06:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
70042
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Wed, 27 Oct 2021 23:06:13 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 30E1 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://webfonts.ffonts.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 24 Oct 2020 04:36:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
395835
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sun, 24 Oct 2021 04:36:20 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame F2A5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:35 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
65
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
User-Agent

Redirect headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:35 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Vary
User-Agent
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame CF69
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Wed, 28 Oct 2020 18:33:35 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame DEB7 		109 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DEB7 		109 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DEB7 		74 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3669000389855884&correlator=3674152600766298&output=ldjh&impl=fifs&eid=21068385%2C21067448%2C21067753&vrg=2020102701&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&gdpr=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201028&iu_parts=147246189%2Cffonts.net_160x600_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600%7C140x600&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.08%26hb_adid%3D3026b398a1cd4f5%26hb_bidder%3Dpubmatic&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D5086dfa7090129b9-2229350815b900f1%3AT%3D1603910014%3AS%3DALNI_MZnee5FCEtb5f1o0HY0NgnneJlmFg&cdm=webfonts.ffonts.net&bc=31&abxe=1&dt=1603910015219&dlt=1603910014128&idt=1067&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=150&oid=3&adxs=1348&adys=1&adks=1975103487&ucis=scy33beskhbn&ifi=1&ifk=2433431952&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=ffonts.net&loc=https%3A%2F%2Fwebfonts.ffonts.net%2F&top=webfonts.ffonts.net&dssz=11&icsg=8234&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x150&msz=160x600&ga_vid=2141877335.1603910014&ga_sid=1603910015&ga_hid=1380789712&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
2ac3b9a031b67c099b2b40b9a8bbe4b6670ef5938cfd0d6bba1f7f01800918b6
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18153637873677956776/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18153637873677956776/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPno2bX21-wCFQKfdwodew0F1w&gqi=&layout=/sadbundle/%24csp%253Der3%24/18153637873677956776/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18153637873677956776/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18153637873677956776/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPno2bX21-wCFQKfdwodew0F1w&gqi=&layout=/sadbundle/%24csp%253Der3%24/18153637873677956776/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24633
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 28 Oct 2020 18:33:35 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DEB7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
iu3
aax-eu.amazon-adsystem.com/s/ Frame A78A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:35 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
65
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
User-Agent

Redirect headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:35 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&dl=cnv&dcc=t
Vary
User-Agent
integrator.js
adservice.google.de/adsid/ Frame C4FC 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C4FC 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C4FC 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=475676721852067&correlator=2380611847389548&output=ldjh&impl=fifs&eid=21067448%2C21067753%2C21067655&vrg=2020102201&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA&gdpr=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201028&iu_parts=147246189%2Cffonts.net_300x600_left_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C120x600%7C240x400%7C240x500%7C250x360%7C250x500%7C200x600%7C240x600&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D395a76da8e144a3%26hb_bidder%3Dpubmatic&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D5086dfa7090129b9-2229350815b900f1%3AT%3D1603910014%3AS%3DALNI_MZnee5FCEtb5f1o0HY0NgnneJlmFg&cdm=webfonts.ffonts.net&bc=31&abxe=1&dt=1603910015261&dlt=1603910014123&idt=1125&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=177&adys=4242&adks=4180484683&ucis=vy56634jw5iw&ifi=1&ifk=2497198394&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=ffonts.net&loc=https%3A%2F%2Fwebfonts.ffonts.net%2F&top=webfonts.ffonts.net&dssz=11&icsg=8234&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x600&ga_vid=2141877335.1603910014&ga_sid=1603910015&ga_hid=1018187589&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
80889d90775495c601e55a9f6af138eb706c464bff97b3f05f613e66ea66d419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2301
x-xss-protection
0
google-lineitem-id
323970629
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303033641
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dba6370adff5548cce34f75fd95309ed.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C4FC 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dba6370adff5548cce34f75fd95309ed.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 4B27 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 18:28:32 GMT
expires
Thu, 28 Oct 2021 18:28:32 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
303
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
displayAd.js
s.tribalfusion.com/ Frame FCC9 		678 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/FFontsnet/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572e6dde327de782dd98e4dd0196c8a382a43d59aa2e57fe898c0a2330502ed2

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
status
200
content-length
332
cf-request-id
061215b29a0000fa44e89b5000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
13
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
5e96befdce38fa44-AMS
expires
Tue, 26 Jan 2021 18:33:35 GMT
displayAd.js
s.tribalfusion.com/ Frame A0C7 		678 B
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/FFontsnet/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3072ba86aa8d2fd47234b4be106c992d91bde1ea44930604732d458dea9c149

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
status
200
content-length
327
cf-request-id
061215b29d0000fa445f8c4000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
47
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
5e96befdce3dfa44-AMS
expires
Tue, 26 Jan 2021 18:33:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102201&jk=4244130098010479&bg=!-_il-NjNAAVp0lmVaVgPFnPs8EN2pgIAAABVUgAAAA8KANJRHTp3bvcUJvriYAHFk0XHqu02FvC7kAasUiK-RlRdeUFvyAgF0pmzUZLYnmcEJsVMrTf6ISdLNcBLdtZ407JzWH8uiwF_cwYQkPzGhCDMtd9BIyWEzJLUuwcuVHdMlDlU5yHSoRlP0HQBCZIWrlaXRxXJq6kfN5Qrb_mSrbIuocLDIOhLY_V3LwA3r3rwwdsFdGAxZ6dN67aRWUYBlxJrponRGGMz_a42Jbw_w5s8iosOKdl_K1PLYJmpmB1nYCqJnyxqMRxHthL844zLg_Go4L2ZAco7_WHp11qrj2shcQqevvmSPoGhL1oNvymZs3P1Cc0qyRMFsSrggjPyUtqqLgPrZQ7YVAf4QHGWKwOirZGe8IxDxzLHAI2nmZ_YjVlF1iYAebzVFcBp87U3YKyGYvFciu5A03DYHcoAfIzhsVrn-seqMue736TB9AIvP9ZUKv3JoZOAzgbfx0E7S0rmiqMhpglPnUzUceB2aasfJelOGBiI6eXNPRUzteMdvauiEtZt4H5kofZwERk9P0eg0ZyfPUdnmSYhIf2DvIj7JE7LkEZIwT-UmHzF2W0RFYYWf4mPKc3biA7tcNTRYPk4V3QiZiQ-TV02dYJD8MLCpJRVY8JoTBC1rr-fccIDBNbYcVGh4rAmV8kWPAb30fd1n5Q_XKQM68noJBnc09LGbjo8TmXsKgNo-i8JDO32yrMJxcs2eI7CrmWhfscnledKSzkHsJ4uFeEBRMM6WpLOJ4dknsKu_20_p1fStIGN_S6VsmwWqQyCo0WLJeCMSc0eu0BRvdFHGN5f0jGIF8GTPY1FyPZkz0tT_FXOGZAdlDGoZvq3Hy5pyEiQKF6Q6Go1KtjWDFzHy6iBjIz2gjDkvCLLAo7eToX4ZEBpRVi7Yg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 55C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Wed, 28 Oct 2020 18:33:35 GMT
expires
Thu, 28 Oct 2021 18:33:35 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame DEB7 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 340A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyl-zervsTBKY0q7t-yH5HB13qdtsOMmTPgASJ7mAkyvnpJDevw6D_SIhP6ssizQnThbOVw-sIPIstZ80oXft0nLdI08yhzfoNKPtXJ34BxN4AbatS2vi2pjm2x-sCy1HxbN1tRbwRLSiF3zk5PUJGKbL0BS7hfKz1FXQl8NAc5ChUq4W5I4P3NWNsmFMUdWT_bv5QuniQrWw-aouR7OHR29unblJzh55H0G9iu7YIRQ4nO2FniuMK80UF0SgoIAEfkIiLafotppenOkU__OGyO-WI&sig=Cg0ArKJSzAah-_--dEp8EAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
node.php
node.setupad.com/node/ Frame C4FC 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-143-247.static.zebra.lt
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
status
200
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
/
track.adform.net/adfscript/ Frame 340A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=40989724;rtbwp=0.141904;rtbdata=U41l7GRdQTNX7HT6nJtr_YfhZGA9wU64i6hh8ffw_NjuM0vIw2Kvo4KIWaYgryaCoYs-IG43r_Epk5uXTGvy8bwAFVr3b3OEh3df7mmYw0mWLTSq2oyyU9cR2JE3DJS6jktDqoeTlPfaT7EzeyijHAWG7AxHHhIydDur8H5l4Eqwk_YGTWodX-cNozvNLji8HrY5KhBcWjF6whSzI2Q76aGZM-BnXoEQqIBtM9AiDTnsHHYZQqRH5kgco_XwZsqahLi54b2pyJ-maqm2iIIeamPzViXQUycy78HJ5dtlcQdByGLtoucpXLTVXsxCbJ1czLzA-rJYrEntjduim2gpFQCG2eY6t715vJTx7vkqdo9DGUaL4PXVLg6uNvHteuckIR6ak-IwgCRva7f5iIbn12UXDNij7HdaDklx7SqlnK2dhvIjeGyYmQLcvP4RMpbg_2Czo_MXT3BeUIbMhxRSozoRVd_WWqvGTITWy3xCSL0G_yaniS0N8Ufx9Pgpu36zXY539y5sUdpi6f15QEM7xIViNljdwIoQM-5jsfBVDs7VPIJ7TBx_Y121yMVpFN6mQGZhP5Pq0-i0WGZtY7bban1IL4KG2tolcgoAUXbkUvA0KRY8AEF_3O1XpwnofQTYrxBqNLLpzBtdCMZPHQ5HqVEAUOQGQ_Aw5bX9WFsfUVBZEAnApp6dzJughLYLsq-cVXuFEHGV8Xa5IbstD4NO9YPeQotqEineOjBBLWIf9NyL23O2nm5axseY4lafjfVnz8n5_F25F9e4KmKQAjwmmRfwBCHfY0d7_Lh9ScXRYnPCKxO30yUxq42tl1RwluyBBsFp0JFMh4nE4_sQZGQgqA2
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fbbf1ecae7ef2db3b0795eb94bf5ffea69d31d495d615e5c80dda43e670320b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1465
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 340A 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28777
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame C4FC 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C4FC 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93b34fbebbe31947f123da997cd85255670e3667c0b858ee219b63af5f183cb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6527
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C4FC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame 340A 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=40989724;rtbwp=0.141904;rtbdata=U41l7GRdQTNX7HT6nJtr_YfhZGA9wU64i6hh8ffw_NjuM0vIw2Kvo4KIWaYgryaCoYs-IG43r_Epk5uXTGvy8bwAFVr3b3OEh3df7mmYw0mWLTSq2oyyU9cR2JE3DJS6jktDqoeTlPfaT7EzeyijHAWG7AxHHhIydDur8H5l4Eqwk_YGTWodX-cNozvNLji8HrY5KhBcWjF6whSzI2Q76aGZM-BnXoEQqIBtM9AiDTnsHHYZQqRH5kgco_XwZsqahLi54b2pyJ-maqm2iIIeamPzViXQUycy78HJ5dtlcQdByGLtoucpXLTVXsxCbJ1czLzA-rJYrEntjduim2gpFQCG2eY6t715vJTx7vkqdo9DGUaL4PXVLg6uNvHteuckIR6ak-IwgCRva7f5iIbn12UXDNij7HdaDklx7SqlnK2dhvIjeGyYmQLcvP4RMpbg_2Czo_MXT3BeUIbMhxRSozoRVd_WWqvGTITWy3xCSL0G_yaniS0N8Ufx9Pgpu36zXY539y5sUdpi6f15QEM7xIViNljdwIoQM-5jsfBVDs7VPIJ7TBx_Y121yMVpFN6mQGZhP5Pq0-i0WGZtY7bban1IL4KG2tolcgoAUXbkUvA0KRY8AEF_3O1XpwnofQTYrxBqNLLpzBtdCMZPHQ5HqVEAUOQGQ_Aw5bX9WFsfUVBZEAnApp6dzJughLYLsq-cVXuFEHGV8Xa5IbstD4NO9YPeQotqEineOjBBLWIf9NyL23O2nm5axseY4lafjfVnz8n5_F25F9e4KmKQAjwmmRfwBCHfY0d7_Lh9ScXRYnPCKxO30yUxq42tl1RwluyBBsFp0JFMh4nE4_sQZGQgqA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
652aa3a15b05e157b7229123aaf8842a34dfac5cc9ae432edfffe3f06336f61d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2020 14:45:18 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Oct 2020 21:46:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame FE65 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 18:28:32 GMT
expires
Thu, 28 Oct 2021 18:28:32 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
303
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
extra=;
adlv.hit.gemius.pl/_1603910015667/redot.js/id=zDtLArQ8tK1N2KZbqixOiLe9fSUkgCNuCYMl_6ctlZT.g7/stparam=ydjkoxgfjw/fastid=lmqddkzmzfunxwjfhiphhigoujmd/sarg=5F99B97F7B3D857C/ Frame 1035 		2 B
309 B 		Other
General
Check archive.org
Download Go to
Full URL
https://adlv.hit.gemius.pl/_1603910015667/redot.js/id=zDtLArQ8tK1N2KZbqixOiLe9fSUkgCNuCYMl_6ctlZT.g7/stparam=ydjkoxgfjw/fastid=lmqddkzmzfunxwjfhiphhigoujmd/sarg=5F99B97F7B3D857C/extra=;
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
server
GHC
status
200
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Tue, 27 Oct 2020 18:33:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1035 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNAEK4R-sD-G80rM1lk26xUepfc19Kgm2jcBDIguINbpulGte_uUhpL-7AunRqNTzTYTkAIsQYb5LqjEa4Q-HKJonFaNEZCpQGNiocjhxamHkdNk3gl8M5unDzEvEH0XRUDr3y2BhFlWT7KC9noila8Tegv5KgFUxpQ9uZD-oh5s2341xCBM0mpWs_paWhvxu0pN-DqNWtfEjAvWdD0YOnbKKfw3peZg7kRSybuNx-jBqN_GcH09QQaSh6s1slfr28zyvbfg&sai=AMfl-YRHlQpDmZqHzzQgvqnLw6Ll9EMJvfj_SbLkUVcKbuyJKAXJuWievJ-2DHk-g1aDZ1QNEpNrMvJhoV4iw3npUjgSgVN1rb5ETakixmMQ0A4nb6DMzR-qq-VLlf67Psk&sig=Cg0ArKJSzCcVPQ9tT1gjEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 1035 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f89be944f553ec426f046567740a65ab28d43f95527c66ce7c2e03043a8b1bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
node.php
node.setupad.com/node/ Frame DEB7 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-143-247.static.zebra.lt
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
status
200
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
sodar
pagead2.googlesyndication.com/getconfig/ Frame DEB7 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a10fdaff1ce3041990ace1cae5e4a4c9b1f8b749a78963c696c95831e0d15701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6456
x-xss-protection
0
stpd200611_3.js
lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/ Frame 45D5 		626 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.38.133.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ip13.ip-54-38-133.eu
Software
GAD /
Resource Hash
bed373320baaf76ddc3e345b527674a8aabb86e72b000c363bbc5fed4d7f82e0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
last-modified
Tue, 25 Aug 2020 07:47:17 GMT
server
GAD
etag
"5F44C2050009C88B43C12E4C"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
public, must-revalidate, max-age=4320000
accept-ranges
bytes
content-type
application/x-javascript
content-length
170643
expires
Thu, 17 Dec 2020 18:33:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DEB7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame D80A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 18:28:32 GMT
expires
Thu, 28 Oct 2021 18:28:32 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
303
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
localstore.js
script.4dex.io/ Frame 45D5 		450 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1232
status
200
x-amz-request-id
BC829EFC67C113E0
x-amz-id-2
YuietsERp1A20eDVToZdly/QsbWddZhL4SwU8rXgJle1qqRlmnbj6gkVkyfomsFFH9pstqFUOIA=
last-modified
Mon, 14 Sep 2020 09:32:14 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iEDy1ixToWHdjX%2B2kcw4TSkdqgSlGtKuuO9JlMqiptXv7mwcIaoD6yUWgFkPkaW3f%2BPumga93LVZC7i%2B2txnoTt%2FCxYy5xdKpqzDpSabwUus7WhDjD%2FLihxASw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
061215b3720000dfad90936000000001
cf-ray
5e96beff1a84dfad-FRA
apstag.js
c.amazon-adsystem.com/aax2/ Frame 45D5 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:31:29 GMT
content-encoding
gzip
server
Server
age
125
etag
14b87a812615d68493a97e70b7b323fb
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
LbhqWe_pZJEYxtmzGDPJ505AEAzaHtss7RTPw4LsKR6KhHpr8zPERQ==
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js/ Frame 45D5 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f650a88d4150fcff42f320ff7a0896d76967a0d3950658bfd81d07cbad21ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"677 / 292 of 1000 / last-modified: 1603883841"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17731
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:35 GMT
sid
mug.criteo.com/ Frame 45D5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&bundle=6aQNt182Qmd1SXYyc3lnY2IwMnZTcUNoTmVGV1NBZjVwb2UlMkZqTW15eWNld3hxYWlySFBNb...
  • https://mug.criteo.com/sid?cpp=tMOFtHxOK1ZwcUsxTEF0UjhWUmFMbngwUGI4QXptMFU3STFWOXFZSnFzZXJDREhsMW8wZ1MrcHllaEEzdjM1TEU1c0s5clNNNlAxVUlZRjdVZ1dvV243RFpRRFdaRnRVc0RZTHk4aGtIRkVuMGtYUmp2dVlqVy9wU3c3MH...
342 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tMOFtHxOK1ZwcUsxTEF0UjhWUmFMbngwUGI4QXptMFU3STFWOXFZSnFzZXJDREhsMW8wZ1MrcHllaEEzdjM1TEU1c0s5clNNNlAxVUlZRjdVZ1dvV243RFpRRFdaRnRVc0RZTHk4aGtIRkVuMGtYUmp2dVlqVy9wU3c3MHVXRG4rYlU5SDBTeDVZVVhwdU1yVjhML25PRjgxakVlWEIwZjJadTN5QlYxUmRtTWp4R240ODRoQ1JlbTBSVnJ1TEFPWlRBajBQMDRkdzg1OHpLTEVHRVdOT2UwclRZelJjakVMeDU4L2x5S3pOT2Z0aGQ4PXw&cppv=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
81b0151d268ba027095c35119da2d79a24bd738bfa8a37723cd715e5eb66a555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Oct 2020 18:33:35 GMT
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1074
content-length
342
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
status
302
date
Wed, 28 Oct 2020 18:33:35 GMT
location
https://mug.criteo.com/sid?cpp=tMOFtHxOK1ZwcUsxTEF0UjhWUmFMbngwUGI4QXptMFU3STFWOXFZSnFzZXJDREhsMW8wZ1MrcHllaEEzdjM1TEU1c0s5clNNNlAxVUlZRjdVZ1dvV243RFpRRFdaRnRVc0RZTHk4aGtIRkVuMGtYUmp2dVlqVy9wU3c3MHVXRG4rYlU5SDBTeDVZVVhwdU1yVjhML25PRjgxakVlWEIwZjJadTN5QlYxUmRtTWp4R240ODRoQ1JlbTBSVnJ1TEFPWlRBajBQMDRkdzg1OHpLTEVHRVdOT2UwclRZelJjakVMeDU4L2x5S3pOT2Z0aGQ4PXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1111
content-length
482
expires
0
cdb
bidder.criteo.com/ Frame 45D5 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0-pre&cb=27523732958
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://webfonts.ffonts.net
timing-allow-origin
*
vary
Origin
arj
setupad-d.openx.net/w/1.0/ Frame 45D5 		512 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwebfonts.ffonts.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=9d290cb9-a2a1-480b-ab67-d377583364d5&nocache=1603910015912&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&x_gdpr_f=1&criteoid=xX4K1F9JMTdoc2pJS25haDlLdmp4UnZBTGJFNVV0NmklMkZBYTVKOUxPdGxxJTJCVTRjbVBVZlh6M1UzV25KMnhoSnJsSEs5dG1zRWNHRmdmaFIya3AzWVRKajdoMmclM0QlM0Q&pubcid=35a81b29-dcd8-4e78-8b3b-1ae514d95d36&schain=1.0%2C1!setupad.com%2C67%2C1%2C%2C%2C&aus=970x250%2C728x90%2C970x90%2C980x200%2C980x180%2C980x150%2C930x150%2C930x180%2C750x200%2C750x150%2C750x100%2C980x120%2C970x240%2C980x240%2C800x250%2C980x300&divIds=div-custom-ad-1603910015691-0&auid=542516872
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash
1912d1469f19594a867f06873cadfc7dbaeefd69a89604ad9c8e3bbdd72b5ebf

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
gzip
server
OXGW/16.196.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
431
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 45D5 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=179158&zone_id=895508&size_id=2&alt_size_ids=31%2C38%2C39%2C40%2C55%2C57%2C78%2C79%2C125%2C145&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&rp_schain=1.0,1!setupad.com,67,1,,,&rf=https%3A%2F%2Fwebfonts.ffonts.net%2F&tk_flint=pbjs_lite_v3.23.0-pre&x_source.tid=9d290cb9-a2a1-480b-ab67-d377583364d5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9374321660997011
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
11854056884f2649578f55aafc2e104bc8f659a890e5e09c7b03fb5417f1cfff

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
258
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/ Frame 45D5 		24 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=268776&v=7.2&r=%7B%22id%22%3A%2279258dad568c7f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22896e53899b675b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%229f7be13e607e7a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2210d5a6eb69fbe1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221138071a343fe7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22126dda0700f701%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A180%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22136167b46975075%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2214a8550b49d17cc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A930%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2215289fe3c35a70a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A930%2C%22h%22%3A180%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22166a38ebd5e4866%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A200%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221714ea58ac9ae3e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A150%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22183f5430830d792%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A750%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22198125095536e95%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A120%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22208a56fc684f354%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22215a1928a2d5b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A240%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22220ef265bd7bb28%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A800%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22232ef5f0f43d2f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_970x250_bottom%22%7D%2C%22banner%22%3A%7B%22w%22%3A980%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwebfonts.ffonts.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%2267%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9ff98897ecc0516a542eb88b9d2c4859cdab14ddd74b11d00f9bde615ccea001

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:36 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Wed, 28 Oct 2020 18:33:36 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 45D5 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:35 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://webfonts.ffonts.net
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 45D5 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:35 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid
180275cd-0a5b-4c9d-a6d9-8e2427bbc572
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 45D5 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://webfonts.ffonts.net
prebid
ib.adnxs.com/ut/v3/ Frame 45D5 		19 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:36 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.138:80
AN-X-Request-Uuid
1c1e6e7a-a985-43f5-9ad8-a0b5e9e50421
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 45D5 		24 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0-pre
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b6dd7d74246f769fa9679b51096041cacb5f6946ad541806d44fc01d61e3efc5

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
prg.smartadserver.com/prebid/ Frame 45D5 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.29 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
x-smrt-d
6%3b0%3b80
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
/
hb.emxdgt.com/ Frame 45D5 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1603910015921&src=pbjs
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:35 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
/
adx.adform.net/adx/ Frame 45D5 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTU1MTY2MyZ0cmFuc2FjdGlvbklkPTlkMjkwY2I5LWEyYTEtNDgwYi1hYjY3LWQzNzc1ODMzNjRkNQ%3D%3D&pt=gross&stid=f8333750-3a3f-4023-94de-ecffc8562dac&gdpr=true&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&fd=1
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
584997659bcc6829d490e7d4f8c14955bd0b95ec27f0c2070adf2f3b9e5129d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
strict-transport-security
max-age=31536000; includeSubDomains
pragma
no-cache
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
v1
dmx.districtm.io/b/ Frame 45D5 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
cf-ray
5e96beffbe09d919-AMS
access-control-allow-headers
Content-Type, Origin
cf-request-id
061215b3d30000d919c9308000000001
usync.html
eus.rubiconproject.com/ Frame 9FC1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03ZRUZWfOgZ1rOqUPHfhRM3ya9WQiOHKKRWt2j6qYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexkkvGuuYKBWI6L8JKS3dwHNbrrxlA==; ses9=; vis9=179158^1; pux=1512%3D94891%262231%3D94891%262249%3D94891%262974%3D94891%263778%3D94891%26brx%3D94891%262249-DV360-Hosted%3D94891%26idl%3D94891%26; ses10=179158^1; vis10=179158^1; khaos=KGTQLZXI-1I-J1QA; audit=1|hLZGFuTafB2Um3DEJLiYnZqpp78UDnSwwMaMES+xNTHncz7sCc22iy/Ex31u+pchyClEx23Lu6oN3RvxDrMJ6p+EAUBqaY/BxFHLmP6yrw14pIuHCQ91wHgCI8osVe9cvcP91uQdN+S1d2EIIHUVuS6jvDD9rCmEqG9HI9Nqo1ETa3ZDVf6iBWT4PEmxf/DKWcNjgU7LTT828Jzf+1bPfH1PXDEzWiXfGw+kk9N5g25TKNtz8W36zA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:36 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Wed, 28 Oct 2020 18:33:35 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4FC 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102201&jk=475676721852067&bg=!V1SlVHTNAAVp0lmVaVg80f1cWIBdsQIAAACBUgAAABQKATZacKq_K88KUs_u5knxX4eJTgp1AruakWAP5PeVvQRSjBEYXpjmKfSD0trBRDUj4DcZTJud5s7zU-36wQGuOOyp2CA1itdxMuq8bxs4mXTFSKXMO0XyXqpzBraLTVGue5H9XDRg_DzwjeV0CKfJ5HEIc8v0ZuSYkuT64pnYDOvdJwqYtbrOafulkjaSLKXnyCKzufuolJbPBOohwFeotFRT4rZCTOcmaNBlQGjLZFN7FG_jDFQRO4ViZbtX0g-I7Ep4_pu_jBkIT_6SALAGJFTxksZK24R_SXYl5fr3Gfm7EnXVIvrtgf0o7Fcb6sDirX1ef6pzcrLKSrq0AMo46a1BGROP99k4e-XMrp_Bg0OJV_jtlBiCoiHT8Xfqg6d80sHrB4FkkLpcT9Yv0KC9ioJClFsJaofEmQHmKzrjVcu3YgQd3VrDLw-CO16kWaHjiss63zcvXEzlCinFeoXTzjLLf-ATQBH6jt3-u0SxvjIvN9tedE661oIz1qd_6wrg1dZnVnsvaerybqD2tH_Xsbk0JfDHsvGBmPodbszBBMROSqQpb0Nessz-lAh_7-Wku0FCgTYtDmg6YAdY3WiYBmzwt5agfqd3NR9_G1dDac9c5V-CzxK_4VHgDHMeJhaT7FqdjAlgZoyMkmOxvGfvpewx82EmvdUHZg6Ojlf65YrGMb_-GycnltHqwKgxj-DDbH4s9KWERXlke17xktsOs9Mc6pux4bgEwp-jTAvjxiX0tsdGcgv0MAtWVjIHFIBlsM1MPb5r9m8hNt1GE-wQWGjJIRy4Z4nslRLFmnHEZDbDxERp2NH2Sp1U-Lp09nHlqTLAroYZ9WggVUJgYjDSYrX66wxJyFV_Oa_Ci95ylKFw4sghCYqbz7FHefHOwzZUrDWcaQRFu6jDkoi2P-uSWh5N8WrF3Nb5M2EV9q-vRIN4C0lF37Gu5rIb1UbQIlO9gvl3WT9h2wQEWCcxP3XihO1a19tmvYLe1J9vHyWS7_CZDzvHyuEbtPd6geWjiwBfvjzkxxi1QPyK_gdY4YGwdv6qn2QLvXLf966tU1_JKg3d
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEB7 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102701&jk=3669000389855884&bg=!j4yljKzNAAVp0lmVaViBwhYPY_sOSgIAAAB4UgAAABEKASrKnk9KSc1RxG90dfdLBGDUF8XJHMBG0KNOCmfYz-aAvoQvAYt_i0oitRdM5-bZlbITyAvMvhXWFBok6spvPr_UxD1YO80rmxdDNewO8tFj4-1GrHVfM4xGsSGz7XyU7tTJQf3OfI35hYuFCEuB654MSjsQIbbnLqnrgjluH_faEoLNpyxQmuAEl2IMFB3KQRqun1MyARWHRyKwNsy16O2QhPAW0mEK6f42I5iHcNAD8aCBk96qFEJwkha3GLzIZpkZj-oJ9Sm2eQttK6FSw5yqgBry1hBuiukkXddOwi30pr2alagptq2JdaJ51x9KriarDpUbiwdcg9_xaipSsJoHpE7Rbvt5YYGUDp_VDAo-od9Jf2iOmZXv_u6IihfMCo_8A8atTrbL51BymQHm1KTQkeMTRCFyPA_uuSznXDb9Qj2GL7Aa8WEEQHXi9x8TxxqmIR-AHV70v_sFWrGC2km2KHby2onC3E4udbJ06WFScia0TYxkrZKSq8pZx0hOHdc-sxrIjybl7dRKByPI_SJpqvuC1ac1TTWjt9pBs9whQ-zHCdZ_HdxaqKnf_jISABbEqSrSX7Wb_jUsoIKO3VQGwLpyCw4qPn0Yjnb27nEDSAhAzHTSr9RIz21VHRpHnc3a-Oy_P0OdZQ4ajBqV7iHYB4HSFiU2on4libKLZdtHtO6iKLkacZG4pI9s093SM2GgX0gl4u8_RXb23PRlpwk-WCZSnD0G6bgkHdrO0FoQ8RlO2kjDei5FYB7Zw8tzOcmvOv6aVMtgVyxYu9Uuy18c6z728gbdDx6nE9S4DIeBuTbyRJCMdUYAYDPqD809Q-tNc8_oQ5xdodTAAwruz1Jm75sY9BfvAPKj1aNvMIU4q6xmAfCUHhNrFx-fWOQQLLE3pVRHapqR7UNy0KGGVSMChxdVdt1UZFCx5dPS43BtwjD-4N8SQXnMB8836LOxuDDZNCgOkLRWKUHr-o6noVGyw71WbR1KG9O9H_ltvz_2eXd7_5OAJRl2EWVUWjiXN9x7-rZ_tMEwq7_Dncrr-FU4SpAx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j.ad
s.tribalfusion.com/ Frame FCC9 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/FFontsnet/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9687a0a5fcf7cfbbe3ae5987f05b876b3097d223c3754e27c029fbb54e9f55b2

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
status
200
content-length
2109
cf-request-id
061215b3e20000fa440b84c000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
10
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
5e96beffcac6fa44-AMS
expires
0
j.ad
s.tribalfusion.com/ Frame A0C7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=300x600&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aOmneMms3tptrG3Enf3dAoSpbMR3aE3Zc&a=3&adContainerId=richmedia_4&rnd=9945726
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/FFontsnet/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d2fd01588987e34ce6b7d981718e3f3094125313997a8e6cf0fa14adc21d65

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
status
200
content-length
928
cf-request-id
061215b3e30000fa44f1261000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
28
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
5e96beffcacafa44-AMS
expires
0
adagio.js
script.4dex.io/ Frame 45D5 		64 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:35 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1
status
200
access-control-allow-methods
GET
x-amz-request-id
2F91EC5F71DD0A0E
x-amz-id-2
hVXZsur1ndMPmF61Q3B8z/zm8RHCGASs1xWEVm1ATwtZgxjw2nlPejgmEqRt3US+Zxb8k+VZ4Sw=
last-modified
Mon, 14 Sep 2020 09:32:12 GMT
server
cloudflare
etag
W/"71c0e5f7067bdadc5d565e8027f77ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YbfNC4b5mXyjqQl1%2FTjSGAOGN6saxW0TjHfRUVKrQft5d7x5wLV2levuYOMy83EI0fCVvJgFyk7%2B201k0tarsys4MANWZo635rysCVd0bCCsqwa75a5ISeSqCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
061215b3cf00000eaf22b9c000000001
cf-ray
5e96beffbc7d0eaf-FRA
pubads_impl_2020102201.js
securepubads.g.doubleclick.net/gpt/ Frame 45D5 		274 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 08:43:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98380
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 45D5 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 17:48:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
2686
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 30 Sep 2020 05:43:29 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
GWZwGckx0TfhbXxQL1s3KqixdB5OoXUCFVlGVyZxkUmEkxAjxFtv9g==
bid
c.amazon-adsystem.com/e/dtb/ Frame 45D5 		451 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwebfonts.ffonts.net%2F&pid=poU5AsnMXlF11&cb=0&ws=970x250&v=7.57.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22980x200%22%2C%22980x180%22%2C%22980x150%22%2C%22930x150%22%2C%22930x180%22%2C%22750x200%22%2C%22750x150%22%2C%22750x100%22%2C%22980x120%22%2C%22970x240%22%2C%22980x240%22%2C%22800x250%22%2C%22980x300%22%5D%2C%22sn%22%3A%22%2F147246189%2Fffonts.net_970x250_bottom%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
fa1736ac5bc73109f0b8db968d725aadf2e3025841db7d41eb73742bd8acbf5f

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
388
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
Ya0clJ8sZW6gkW6ncTPm9axKII-sQ21SAAV2yvCSDlxhGiOo_sJbeg==
/
track.adform.net/adfserve/ Frame 340A 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=40989724;rtbwp=0.141904;rtbdata=U41l7GRdQTNX7HT6nJtr_YfhZGA9wU64i6hh8ffw_NjuM0vIw2Kvo4KIWaYgryaCoYs-IG43r_Epk5uXTGvy8bwAFVr3b3OEh3df7mmYw0mWLTSq2oyyU9cR2JE3DJS6jktDqoeTlPfaT7EzeyijHAWG7AxHHhIydDur8H5l4Eqwk_YGTWodX-cNozvNLji8HrY5KhBcWjF6whSzI2Q76aGZM-BnXoEQqIBtM9AiDTnsHHYZQqRH5kgco_XwZsqahLi54b2pyJ-maqm2iIIeamPzViXQUycy78HJ5dtlcQdByGLtoucpXLTVXsxCbJ1czLzA-rJYrEntjduim2gpFQCG2eY6t715vJTx7vkqdo9DGUaL4PXVLg6uNvHteuckIR6ak-IwgCRva7f5iIbn12UXDNij7HdaDklx7SqlnK2dhvIjeGyYmQLcvP4RMpbg_2Czo_MXT3BeUIbMhxRSozoRVd_WWqvGTITWy3xCSL0G_yaniS0N8Ufx9Pgpu36zXY539y5sUdpi6f15QEM7xIViNljdwIoQM-5jsfBVDs7VPIJ7TBx_Y121yMVpFN6mQGZhP5Pq0-i0WGZtY7bban1IL4KG2tolcgoAUXbkUvA0KRY8AEF_3O1XpwnofQTYrxBqNLLpzBtdCMZPHQ5HqVEAUOQGQ_Aw5bX9WFsfUVBZEAnApp6dzJughLYLsq-cVXuFEHGV8Xa5IbstD4NO9YPeQotqEineOjBBLWIf9NyL23O2nm5axseY4lafjfVnz8n5_F25F9e4KmKQAjwmmRfwBCHfY0d7_Lh9ScXRYnPCKxO30yUxq42tl1RwluyBBsFp0JFMh4nE4_sQZGQgqA2;js=1;adfxid=1x;5686;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwebfonts.ffonts.net%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6a654f1999809111866165651e7f33be50a4c1cf88c6aa7bcbe79477cd628b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3514
expires
-1
iu3
aax-eu.amazon-adsystem.com/s/ Frame 7FD6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:36 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
65
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
User-Agent

Redirect headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:36 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Vary
User-Agent
B21830396.231455012;dc_pre=CLP0krb21-wCFQfHuwgdW5gBAQ;dc_trk_aid=469042027;dc_trk_cid=133351454;pb=value;ord=45342;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/ Frame 340A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_trk_aid=469042027;dc_trk_cid=133351454;pb=value;ord=45342;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
  • https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLP0krb21-wCFQfHuwgdW5gBAQ;dc_trk_aid=469042027;dc_trk_cid=133351454;pb=value;ord=45342;dc_lat=;dc...
42 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLP0krb21-wCFQfHuwgdW5gBAQ;dc_trk_aid=469042027;dc_trk_cid=133351454;pb=value;ord=45342;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s20-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N126614.1945103AUDIENCENETWORK0/B21830396.231455012;dc_pre=CLP0krb21-wCFQfHuwgdW5gBAQ;dc_trk_aid=469042027;dc_trk_cid=133351454;pb=value;ord=45342;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F12B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:109:891]
Cache-Control
public, max-age=36221
Expires
Thu, 29 Oct 2020 04:37:17 GMT
Date
Wed, 28 Oct 2020 18:33:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame A61F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=715283&adId=2927004&adType=10&adServerId=243&kefact=0.100751&kaxefact=0.100751&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1603910014&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.141904&dcId=3&tldId=61233991&passback=0&svr=BID22404U&adsver=_1851472263&adsabzcid=0&ekefact=frmZX8vdDAB4LxWnVN1gfxfHFxszHEPie_rThIE11fRFoLBD&ekaxefact=frmZX-TdDABhJt2UEr3maYUcoXh9KuDe7KyNx7Ht5zZusvJU&ekpbmtpfact=frmZX_ndDAAIffDAsNwTb-hTQ4obqnWaZ0Day-2hj3Mw8Btm&crID=40989724&lpu=optegra.com.pl&ucrid=3568702713981877136&campaignId=22924&creativeId=0&pctr=0.000000&wDSPByrId=7146&wDspId=391&wbId=16&wrId=0&wAdvID=192478&wDspCampId=1928938&isRTB=1&rtbId=BF98C17A-6219-4310-A368-5A1BD6DFE2B3&imprId=CAC5D8C4-6D45-4D96-A851-1D37DD5736BF&oid=CAC5D8C4-6D45-4D96-A851-1D37DD5736BF&cntryId=180&domain=webfonts.ffonts.net&pageURL=https%3A%2F%2Fwebfonts.ffonts.net%2F&sec=1&pmc=1&pAuSt=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
aktrack.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Content-Type
text/html
Content-Length
0
Date
Wed, 28 Oct 2020 18:33:36 GMT
Connection
keep-alive
truncated
/ Frame 340A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee4e19a70b53bdd4ac4b54205bdf7c617207e41405315aba6a2ecb42ed2e4873

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 45D5 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 45D5 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 45D5 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=127927986575032&correlator=1124653033954246&output=ldjh&impl=fifs&eid=21068116%2C21068364%2C21067753&vrg=2020102201&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201028&iu_parts=147246189%2Cffonts.net_970x250_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C970x90%7C980x200%7C980x180%7C980x150%7C930x150%7C930x180%7C750x200%7C750x150%7C750x100%7C980x120%7C970x240%7C980x240%7C800x250%7C980x300&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.11%26hb_adid%3D43a2183c0f69d0a%26hb_bidder%3Dadform&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D5086dfa7090129b9%3AT%3D1603910014%3AS%3DALNI_Mb5JPFw8wluNQWQmGFPRuImNTLHqg&cdm=webfonts.ffonts.net&bc=31&abxe=1&dt=1603910016145&dlt=1603910015666&idt=458&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=5229&adks=3845586048&ucis=v97lpdeg6qw9&ifi=1&ifk=2760063188&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=www.ffonts.net&loc=https%3A%2F%2Fwebfonts.ffonts.net%2F&top=webfonts.ffonts.net&dssz=11&icsg=8234&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=2141877335.1603910014&ga_sid=1603910016&ga_hid=258519217&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
3394f9685ed61b92fc5fec7fe45f98d6c9310450fc2de6ae6696c7e6bb609243
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2206
x-xss-protection
0
google-lineitem-id
323971829
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303033644
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
55ff61c2acc664461338b25e95d90e78.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 45D5 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://55ff61c2acc664461338b25e95d90e78.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.195/e/.wSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 340A 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.195/e/.wSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8696cee86999f6d03320e995abc00d260687ca83684f05c6c212a47456fe629d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2020 14:45:18 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Oct 2020 21:56:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FCC9 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2a76fa1fbfbd032e4387e1cd59cfa2937368b9ad7831afd44a890373aaeae35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45803
x-xss-protection
0
server
cafe
etag
10384338189906215808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Oct 2020 18:33:36 GMT
p.media
s.tribalfusion.com/ Frame 915F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aUmTR85EUg5teq5PZbZdmUYZb0G3YXGQY1sBnnEfU2U3WTFbAUPU3PTb3PVrmQHFMYtjwTmMv2sB20FFJT6yw5mFdQPbE4drrXWJZdpd6o4AvY5cjbTVn9VsfjPPYoUWFTTrj25biqWqMoTTUlParLQGFJQFupRWY7WGQQ4F6nodiOXaeu4dQZdPcFG26vIpHXsTdQaYU37Ybbh1TatSbvZbWUBSTtJ2tUZbAuM4PTY&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aUmTR85EUg5teq5PZbZdmUYZb0G3YXGQY1sBnnEfU2U3WTFbAUPU3PTb3PVrmQHFMYtjwTmMv2sB20FFJT6yw5mFdQPbE4drrXWJZdpd6o4AvY5cjbTVn9VsfjPPYoUWFTTrj25biqWqMoTTUlParLQGFJQFupRWY7WGQQ4F6nodiOXaeu4dQZdPcFG26vIpHXsTdQaYU37Ybbh1TatSbvZbWUBSTtJ2tUZbAuM4PTY&mediaDataID=6719746&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
11
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4be0000fa44ecbe7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf013df4fa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 9E8D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aVmTR8SGjH2mQZapHPtTWF80b371F7h1TZaMRrYGTUYXTt3YobboPFroXqMn5aFj2arPoEbCYrU6WWrRmPvBmcfrptnH5qre5tun3AFGmU3EXVfR1sr51VjNpTb43bFUWF7CUAQXPEr0ScQMPH7xYdjpWPbv2cvXXFvZbTmim2PUePmMB4WvO1tQZdmdEw4ABS5GjbUVM8WVBgS6UuTdr3WrMP5b2pPTnCNTCggp&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aVmTR8SGjH2mQZapHPtTWF80b371F7h1TZaMRrYGTUYXTt3YobboPFroXqMn5aFj2arPoEbCYrU6WWrRmPvBmcfrptnH5qre5tun3AFGmU3EXVfR1sr51VjNpTb43bFUWF7CUAQXPEr0ScQMPH7xYdjpWPbv2cvXXFvZbTmim2PUePmMB4WvO1tQZdmdEw4ABS5GjbUVM8WVBgS6UuTdr3WrMP5b2pPTnCNTCggp&mediaDataID=6347136&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
14
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4bf0000fa44e89e6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf013dfbfa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 3D9B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aXmTR85ter3A7ZbpbMZbXGvS1cn11GZbxmTB43FUWWFfFUAr0RTQXQsZbnPHju1HfmT6nn4cY5XUZbKV6am4A3eQArF3dUnXdvIpdTM36MY4VUgTsJ8WVbhS6rMWdY3UFMY2bZaqUq3rVTYaST3FRcbZaRbioSt7cWG3R4UTrmdqr0qmp2tbESGBZa5PnZdoWPqUtQ7XUf7Xbji0TIrSUYHTUnSTtJWorQmWrfFvR07n5&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aXmTR85ter3A7ZbpbMZbXGvS1cn11GZbxmTB43FUWWFfFUAr0RTQXQsZbnPHju1HfmT6nn4cY5XUZbKV6am4A3eQArF3dUnXdvIpdTM36MY4VUgTsJ8WVbhS6rMWdY3UFMY2bZaqUq3rVTYaST3FRcbZaRbioSt7cWG3R4UTrmdqr0qmp2tbESGBZa5PnZdoWPqUtQ7XUf7Xbji0TIrSUYHTUnSTtJWorQmWrfFvR07n5&mediaDataID=6530936&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
9
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4c00000fa44058e7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf013e02fa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 0720 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aYmTR82mQZamdAtVHFd0rbd1UjkXqimSbnZbUFQXWtQ2orFrRFBtYTFm4ajf4Tn0oTfK1bZb9UHMQoP7LnVnwpd7G2qUl5HIn3AnJprYEYcQ0YsFY0s7OmqnQ5UY2VrnHVAnXREU3Qc3sStJr0HZbsTmnu3GB5XFrZcT6Xq4PZb8R6bK2HZbqXWrAmHaM4Av14Vj6TVJ8VVJjR6vwTWUWTrZbP5b2uUqjoQqUTw7WOHF&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aYmTR82mQZamdAtVHFd0rbd1UjkXqimSbnZbUFQXWtQ2orFrRFBtYTFm4ajf4Tn0oTfK1bZb9UHMQoP7LnVnwpd7G2qUl5HIn3AnJprYEYcQ0YsFY0s7OmqnQ5UY2VrnHVAnXREU3Qc3sStJr0HZbsTmnu3GB5XFrZcT6Xq4PZb8R6bK2HZbqXWrAmHaM4Av14Vj6TVJ8VVJjR6vwTWUWTrZbP5b2uUqjoQqUTw7WOHF&mediaDataID=6546596&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
9
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4c20000fa4426190000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf013e0afa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame BC13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a0mTR8pdEv36YS5VYeUGBaUcjfS6nNWWM3Ubj12bEpUqvtTEMcQEBJRcfZdPFemPHrkUGMU4F6ootyrXaup3HjAPsjC2AnJmdPpVWjhYFQkYFYg0a6qRr3CWU3SVHJ4nrBtRUFoYEUt3TJa5TU2oEfDXFU9UWFUmP3ZdnG7mmHnJ3TZbg5tEN56JZanrUZaYcfPYVFY1sZbNnaFV2bUVWFBZcUA7TREb0VGQGvFKTPY&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a0mTR8pdEv36YS5VYeUGBaUcjfS6nNWWM3Ubj12bEpUqvtTEMcQEBJRcfZdPFemPHrkUGMU4F6ootyrXaup3HjAPsjC2AnJmdPpVWjhYFQkYFYg0a6qRr3CWU3SVHJ4nrBtRUFoYEUt3TJa5TU2oEfDXFU9UWFUmP3ZdnG7mmHnJ3TZbg5tEN56JZanrUZaYcfPYVFY1sZbNnaFV2bUVWFBZcUA7TREb0VGQGvFKTPY&mediaDataID=2713736&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
54
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4c40000fa444718b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf013e13fa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 5EB5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a1mTR83A7ZbprMZaXGQWXsJ5XGBynEfW2FM2VU7FVAv5REn5SsvqQdUv0HBrVPrw4sUW0FUJTmip2AF8PmjK3tFm1dYZcpWaO36JV3sQgUGnjWsMgSPQOUt3RWr7P3U2nVqMrTTv9QTQZcQVZbCQFZatPWrdVcbU4UXsmtAnXqev4dMZdQVrH2mMHptaqUtj8YFfaYbYi1TAoRUrFTbQYWtvWorQxRUrr4aYHOmm1Uj&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a1mTR83A7ZbprMZaXGQWXsJ5XGBynEfW2FM2VU7FVAv5REn5SsvqQdUv0HBrVPrw4sUW0FUJTmip2AF8PmjK3tFm1dYZcpWaO36JV3sQgUGnjWsMgSPQOUt3RWr7P3U2nVqMrTTv9QTQZcQVZbCQFZatPWrdVcbU4UXsmtAnXqev4dMZdQVrH2mMHptaqUtj8YFfaYbYi1TAoRUrFTbQYWtvWorQxRUrr4aYHOmm1Uj&mediaDataID=5436426&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
45
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4c60000fa444a8fa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf013e14fa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 866F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a2mTR8mdAtVWJ6Xbnj1bjgXaIrRFvZdTUvSVdY2nrJmRU7m1Tnr5EUe5TY5majB1rBhWWbRmAfIpVfmoWvJ2aFk2Hem3mBKprjL0GU0XGMV0VvvnqB23FnSTFjZcWm73QEr3ScMnQtFNYtbuWPQM4cU4YbZbJT6Tt4AvcP6MA4WUO0HBLpdeo4P3W4VMeUGJdWVMjS6nMUWvUTFj02biuUqjvTTJaVq3NyJBcqB&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a2mTR8mdAtVWJ6Xbnj1bjgXaIrRFvZdTUvSVdY2nrJmRU7m1Tnr5EUe5TY5majB1rBhWWbRmAfIpVfmoWvJ2aFk2Hem3mBKprjL0GU0XGMV0VvvnqB23FnSTFjZcWm73QEr3ScMnQtFNYtbuWPQM4cU4YbZbJT6Tt4AvcP6MA4WUO0HBLpdeo4P3W4VMeUGJdWVMjS6nMUWvUTFj02biuUqjvTTJaVq3NyJBcqB&mediaDataID=4056396&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
35
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4c70000fa44ec3cc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf013e17fa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame BFF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a3mTR836YR3sr6TsUkVVfhPPnnUHURUFFP3rZapVqroTT37SErZaSGQZcQFAqRtnaUVn32Uunmdqs0a6v2trZdPcMD5AQJmW6OVWYa0bUkXr790qqoRUrZcTbU2TtUWmFQoQUbo1Erm5TFl2aMRnaJG1bB8TtMRmPQZanVUqoHfD5EU73dmr3AZbGmUQHXsnVXGF20svNmaZbQ3bvTWr7EVAQTREbQScZbsVWJZcv1syQ6&mediaDataID=6680176&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a3mTR836YR3sr6TsUkVVfhPPnnUHURUFFP3rZapVqroTT37SErZaSGQZcQFAqRtnaUVn32Uunmdqs0a6v2trZdPcMD5AQJmW6OVWYa0bUkXr790qqoRUrZcTbU2TtUWmFQoQUbo1Erm5TFl2aMRnaJG1bB8TtMRmPQZanVUqoHfD5EU73dmr3AZbGmUQHXsnVXGF20svNmaZbQ3bvTWr7EVAQTREbQScZbsVWJZcv1syQ6&mediaDataID=6680176&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
93
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4c80000fa4441945000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf014e1cfa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 5A3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=a4mTR8prMZd0GnS1sU1XVrupTJR5FnRVUJZcWPn5QEM0ScYpSd7y1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O1tJZdmWEy3Pv13sbbVcrjVGF8RAFMUHU4TrZb55bAuWEjmWTY9STnJSVBJRravStU8UGnT5r6nmtZaoXa2M2dbFSGjZa46JZamdiyUWbcYrUiXrYf0TqoSUMCUbM1WHY3nr7xRUrN1EFtXqJ5xcycrW&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=728x90,468x60&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aWmneM1dMZbmWAM56MQ5c3cXUUVR3aP2o&a=1&adContainerId=richmedia_2&rnd=9943923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=a4mTR8prMZd0GnS1sU1XVrupTJR5FnRVUJZcWPn5QEM0ScYpSd7y1dvqWP3N2GQ20UYBV6qm4PZb7RmrA2H3O1tJZdmWEy3Pv13sbbVcrjVGF8RAFMUHU4TrZb55bAuWEjmWTY9STnJSVBJRravStU8UGnT5r6nmtZaoXa2M2dbFSGjZa46JZamdiyUWbcYrUiXrYf0TqoSUMCUbM1WHY3nr7xRUrN1EFtXqJ5xcycrW&mediaDataID=7665496&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=a8nsAGw5EGtAaINQeEcJZd1UXQBZcAVxJ2C5eWMrUTUdESXZcsQMjIr8l3clDvQoVwIvvkrI9yTruWHFSDoUE5O
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
4
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b4ca0000fa4423291000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf014e24fa44-AMS
content-encoding
gzip
truncated
/ Frame FCC9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a18deadb3b64ead79852e2348a71f8f7475a73680d7f9117e92e81278809316

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame CF69 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEtnze83dtkApH_0arFX6M7rdohXb0i06aJRMLEzwA0tlHV2aikaBfinG9IhnsvL_Lv28oZoYxEu3hsq53Ro4n7BpNKYeO6_0Nfkcciz7YThjcDAryA5zvJegKK7UIWgc-ek5DGR0_qRO8IpVjaT4x5g&sai=AMfl-YQPVgWy-OvsTEqr369tZG0p-94VYfAWtrScIuY5hsqj8hg5KBufClCPhz3y97SyTHNsoanN1VgUcHqYYEFPvPWE6AA-cpwmmzQNblkGtht62mYnxvZxFdBg_locg7Q&sig=Cg0ArKJSzCfMQAT3CxY_EAE&cid=CAASPeRoPSwui327CSCmALtPd0shjzKAtZyqfNy37d8xd2x47PkxVh0T7zatAKTcBkPtSoydcmSa_dIqfq_KLzA&id=ampim&o=501,100&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=155&tls=1155&g=100&h=100&tt=1155&r=v&avms=ampa&adk=3766281543
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame A0C7 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&site=ffontsnet&adSpace=ros&center=1&env=display&size=300x600&busted=1&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&f=1&p=9940948&tKey=aOmneMms3tptrG3Enf3dAoSpbMR3aE3Zc&a=3&adContainerId=richmedia_4&rnd=9945726
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
772cb4b4558e1f8f9cbf61622fbb740b96fb839225fd04ee684f6cb4bdd4ccfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"677 / 358 of 1000 / last-modified: 1603883841"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17901
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/ Frame FCC9 		230 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49a44824c3371216dcba3e1089ed5cda6fce27c200e23ea43c840b85b7837eaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88453
x-xss-protection
0
server
cafe
etag
643044372586169514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Oct 2020 18:33:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201022/r20190131/ Frame 1C38 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201022/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201022/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkGh5glHx-TaZR303j9rJDoOUOSCECBdtfMhl0cQBo9LjFQxMLP1ggsF0xK; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 28 Oct 2020 00:42:09 GMT
expires
Wed, 11 Nov 2020 00:42:09 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
64287
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
pubads_impl_2020102601.js
securepubads.g.doubleclick.net/gpt/ Frame A0C7 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
3dc07588699fb0adc2702b0e8734bfabdbe45c1838e4fb2884511264bb9ef0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Oct 2020 08:41:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98213
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
/
track.adform.net/csimpr/ Frame 340A 		35 B
471 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=40989724&csi=T6_86P7ony4qxyXHjn-nMSp0vUeoko0R1i_msQ1Kp3DWccfIME0h_r-LKj7l8Ot2KTFEXjK6C0JpEtfuTUVZOw2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
40904972.jpg
s1.adform.net/Banners/40904972/ Frame 340A 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/40904972/40904972.jpg?bv=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5407d04d700aa46c34a0b1c62383ab53e6bbc02a0508ab80c2e255cd4fb1dd55
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
last-modified
Wed, 30 Sep 2020 11:59:44 GMT
server
nginx
status
200
etag
"5f747330-eda8"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
60840
cookie.js
partner.googleadservices.com/gampad/ Frame FCC9 		200 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=webfonts.ffonts.net&callback=_gfp_s_&client=ca-pub-7766349947687093&cookie=ID%3D5086dfa7090129b9%3AT%3D1603910014%3AS%3DALNI_Mb5JPFw8wluNQWQmGFPRuImNTLHqg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
0b4413406b8803a84f26ac88c3e225cf679da60537028d89358c18205b700cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame FCC9 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FCC9 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6F8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7766349947687093&output=html&h=90&slotname=4832601341&adk=1821472241&adf=1766241089&pi=t.ma~as.4832601341&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603910016203&bpp=28&bdt=1343&idt=96&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5086dfa7090129b9%3AT%3D1603910014%3AS%3DALNI_Mb5JPFw8wluNQWQmGFPRuImNTLHqg&correlator=7560458724622&frm=23&ife=4&pv=2&ga_vid=2141877335.1603910014&ga_sid=1603910016&ga_hid=252010707&ga_fc=1&iag=3&icsg=43354&nhd=1&dssz=16&mdo=0&mso=1088&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=2017&biw=1600&bih=1200&isw=728&ish=90&ifk=1612423490&scr_x=0&scr_y=0&eid=21067105&oid=3&pvsid=1901927532529967&pem=857&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4iozvqx17wn2&btvi=1&fsb=1&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7766349947687093&output=html&h=90&slotname=4832601341&adk=1821472241&adf=1766241089&pi=t.ma~as.4832601341&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603910016203&bpp=28&bdt=1343&idt=96&shv=r20201022&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5086dfa7090129b9%3AT%3D1603910014%3AS%3DALNI_Mb5JPFw8wluNQWQmGFPRuImNTLHqg&correlator=7560458724622&frm=23&ife=4&pv=2&ga_vid=2141877335.1603910014&ga_sid=1603910016&ga_hid=252010707&ga_fc=1&iag=3&icsg=43354&nhd=1&dssz=16&mdo=0&mso=1088&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=503&ady=2017&biw=1600&bih=1200&isw=728&ish=90&ifk=1612423490&scr_x=0&scr_y=0&eid=21067105&oid=3&pvsid=1901927532529967&pem=857&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.4iozvqx17wn2&btvi=1&fsb=1&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkGh5glHx-TaZR303j9rJDoOUOSCECBdtfMhl0cQBo9LjFQxMLP1ggsF0xK; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Oct 2020 18:33:36 GMT
server
cafe
content-length
205
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame FCC9 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7qqvx4EzXyRno653TMwDesterDERokFiEid3DeVIPnnOrdeAKd9qWDhY1o0CAMKxthtODAAW5Oi7b0FifaRtgQV1HEFiOisARVFDn-5BpbC3JDK9qlgpWjtKQ77fMJgrKVIKVVKHdcyiUrXnsxVIV5Y0qT_vIHS1Q0yhpAp_j6eJqVyVFC8X3GIwQXKicSGN3o_q-KWgHmJpMyaemEGOZBHQtLWDOHsMDgUJMcs65nzVpsEQb5fFVF7O2omzRPMuV4p07Fi1B-Vb5BIE9Q9O0UVM&sig=Cg0ArKJSzI8w0scwVU8qEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
node.php
node.setupad.com/node/ Frame 45D5 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-143-247.static.zebra.lt
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
status
200
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
/
track.adform.net/adfscript/ Frame EAB1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=41252078;rtbwp=6fX3PPo5uCqRuXNlDlbVnmhxCuqQJO2E0;rtbdata=9_S0jokeAZcjF5Q8EPR9o6-IkMUf3b6B2h1ke4NqKYJFAT0aQHd1bfUEE_2_BgOoJU--Jc3qTy0SpGCoWSMBcpbaCPXhsyZvqUIn6-JtIOdSk3XppYty2xZWR_iCcvNDjDd1t9UMo4wDL81fWZGET03eJbyqipyJBbURAEK9rBP_XpT9W25h2k21tviswzEfKiqJfZI2cHXKTYH8eBVmq60QbK1WgcOBQKaWKxhXABU0RwOhweQQxrP9GEdSnheoG4WBa2YruCEcLkTySx-jVcNFXaZ6sac-aeuvCozNTJ-gzH0mM8lu0ahCy9qi5w0EXQjGTx0OR6kDadSQWjls3eW1_VhbH1FQ9aIt_nm5mO2boIS2C7KvnBDoOs3qFl3euSG7LQ-DTvWAak54dzP_xYaO387yX1xTeHDGZhtS48HC6XobdUD88zlQl1MEdE0Lo-x_4eL146pjLOQ1St0czxs_yo5fT5CXhUXwJHUNEDhzLTMmt9MJeOW5L7Jt5K97NqCLmxydmOzHOmF9eRmb8q_1QDzjoJ565quJ14jEm_npKNweuV4E_1yqN7vNyqUlASFGKhiU_rnW5cfBNA7q6VtS8Vq49yZxp-2k5gTo9kx0DDzKc0Hr-95GeD1e19mrsfxMpQTVyK02SmfNIzMn3BTO55tIvV4cQsICMdF_6R-fuEtE2hF-AawN3GDlju9AeQcnBI4Ovmg1;csid=60999;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=xZxxCazD0UUqHMLsI0XOHZiVRV91hr4ixAXLe1uKemSmLjooOXN9u5T7WXJg35mT3VYN4Yze8-Yqmn0N_R0iVnyodprii-IX6Hv5ZOm5JomfVuMDQ2y6rujuEAkPuxjSJU--Jc3qTy0SpGCoWSMBcpbaCPXhsyZvcu_rbS-UVFlMdNVl83PDrW-hn2AAo2e72Z_LqvsiVbwuA2SFq55Ae-xWNaH_92N20;icid=2589543603796315587;icidt=637395068159481065;
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4c427f7d925e4ac0c8024e2b6efdf4286f808d69bbbaac395d5031e13e71d78b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1653
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame EAB1 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
051131286663a0b5cab64a1a73eeb8091669037ecfa6e88d922305aafe321f3d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 13:17:29 GMT
server
nginx
etag
W/"5f7f1169-e9d0"
x-cache-status
HIT
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
pixel
cm.adform.net/ Frame EAB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adform
  • https://x.bidswitch.net/ul_cb/sync?ssp=adform
  • https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_user_id=605b88fa-62f9-4be0-8a62-cb850d418c3c&bsw_param=605b88fa-62f9-4be0-8a62-cb850d418c3c
  • https://rtb.4finance.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adform&bsw_user_id=605b88fa-62f9-4be0-8a62-cb850d418c3c&bsw_param=605b88fa-62f9-4be0-8a62-cb850d418c3c
  • https://x.bidswitch.net/sync?dsp_id=159&expires=14&user_id=f1b2fc6e-a4a8-4e5a-800a-c1f6d5ae0f2c&ssp=adform&user_group=&bsw_param=605b88fa-62f9-4be0-8a62-cb850d418c3c
  • https://cm.adform.net/pixel?adform_pid=3&adform_pc=605b88fa-62f9-4be0-8a62-cb850d418c3c&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=3&adform_pc=605b88fa-62f9-4be0-8a62-cb850d418c3c&adform_v=1
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
etag
"5784fa70-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43

Redirect headers

status
302
date
Wed, 28 Oct 2020 18:33:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//cm.adform.net/pixel?adform_pid=3&adform_pc=605b88fa-62f9-4be0-8a62-cb850d418c3c&adform_v=1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.adform.net/ Frame EAB1
Redirect Chain
  • https://d5p.de17a.com/getuid/adform?url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d7%26adform_pc%3d
  • https://d5p.de17a.com/getuid/adform;c?url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d7%26adform_pc%3d
  • https://cm.adform.net/pixel?adform_pid=7&adform_pc=7871467943501614992
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=7&adform_pc=7871467943501614992
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
etag
"5784fa70-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43

Redirect headers

status
302
content-length
0
location
https://cm.adform.net/pixel?adform_pid=7&adform_pc=7871467943501614992
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.adform.net/ Frame EAB1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fcm.adform.net%252fpixel%253fadform_pid%253d16%2526adform_pc%253d%24UID
  • https://cm.adform.net/pixel?adform_pid=16&adform_pc=5062301763140123652
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=16&adform_pc=5062301763140123652
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
etag
"5784fa70-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:36 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid
81e96703-9de1-42d0-ad35-24054093aa2c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.adform.net/pixel?adform_pid=16&adform_pc=5062301763140123652
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.adform.net/ Frame EAB1
Redirect Chain
  • https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
  • https://cm.adform.net/pixel?adform_pid=18&adform_pc=a7309d3d-3dec-4421-820d-da87d55eb13c
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=a7309d3d-3dec-4421-820d-da87d55eb13c
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
last-modified
Tue, 12 Jul 2016 14:10:56 GMT
server
nginx
etag
"5784fa70-2b"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
43

Redirect headers

Location
https://cm.adform.net/pixel?adform_pid=18&adform_pc=a7309d3d-3dec-4421-820d-da87d55eb13c
Date
Wed, 28 Oct 2020 18:33:37 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame EAB1 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28777
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 45D5 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 45D5 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0af2f1e4d0d53bc53432665abe0e880b1b7cf93bd336c1745cfd40f7acf7a4e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6391
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame A0C7 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A0C7 		109 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A0C7 		57 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=651497422271598&correlator=900980818010428&output=ldjh&impl=fif&eid=21068116%2C21068384%2C21064372%2C21067753%2C21068030&vrg=2020102601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201028&iu_parts=147246189%2Cffonts.net_300x600_DFP&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=2&cookie=ID%3D5086dfa7090129b9-220852415ea60078%3AT%3D1603910016%3ART%3D1603910016%3AS%3DALNI_MaMecxgA5NMSMTc_tihknCXPtSJHw&cdm=webfonts.ffonts.net&bc=31&abxe=1&lmt=1603910016&dt=1603910016486&dlt=1603910014967&idt=1499&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=177&adys=3220&adks=3079354807&ucis=tu03oath0aj2&ifi=1&ifk=1321320627&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&nhd=1&iag=3&url=https%3A%2F%2Fwebfonts.ffonts.net%2F&top=https%3A%2F%2Fwebfonts.ffonts.net%2F&dssz=12&icsg=10586&mso=1088&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=2141877335.1603910014&ga_sid=1603910016&ga_hid=1160655297&ga_fc=true&fws=256&ohw=0&btvi=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a57ec0e8e0078a084095b4a3564226ac2eae67451f51c1523ee9136ac07a9e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14740
x-xss-protection
0
google-lineitem-id
5164630537
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138326321249
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
23d8f5d6e8e6e46e667114d50c37d4e9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A0C7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://23d8f5d6e8e6e46e667114d50c37d4e9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
p.media
s.tribalfusion.com/ Frame 41F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=asmTR81rZb8WHbQoPvZbnVUpmHbD2anh2HIN5PfZbmrMZd0GMT1sn50VvMmaBS3bUTTFbZaUPv4PEbXSsFtQdFr0WntWPMM4cvV0UFZaVmPw5mrePmMF2WQm1dUZdpdAo5PBP4sMcVcv7WcjfPPYoTWnSWbf12U2oWaUqVEM7QTBZdQVJCPbuoPHUiUcvW2UXsnHqrXEey3WQAQsJE5AYZbpdeyVWQh0bfb4rFXs9Zbh0X&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=asmTR81rZb8WHbQoPvZbnVUpmHbD2anh2HIN5PfZbmrMZd0GMT1sn50VvMmaBS3bUTTFbZaUPv4PEbXSsFtQdFr0WntWPMM4cvV0UFZaVmPw5mrePmMF2WQm1dUZdpdAo5PBP4sMcVcv7WcjfPPYoTWnSWbf12U2oWaUqVEM7QTBZdQVJCPbuoPHUiUcvW2UXsnHqrXEey3WQAQsJE5AYZbpdeyVWQh0bfb4rFXs9Zbh0X&mediaDataID=8039566&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=avnsAGtMPm4UTgUpMDGhl53J3pFAlRcfg8JtjZdTVvBC7IyopbZcJrcvYGOswSNA3IniZdtZaI5rQZa1q3HDoU9JA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
48
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b61b0000fa4463196000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf034b8dfa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 0D14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=atmTR8UVMT2FunmHAqYqPw4dQZbPsMH46nHotItUWJ60bM61Fjg0qqnSUnAUbQ0Tt3UobJnPUrt1TZbs5EFa5Ef3nabG1bjhWHrWoAUBmcYwoWfG3qMf2WZan3AbGnFbZbYGvV1cr00GfwpTb42bnRTUbFVm74PT32QsvpQtUOYt7uVmbu4srUYrBIUmPt5mZb8PPMF3dvm0dMImWZau46nY3sjgVcJcPG7YuZbv1CZd&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=atmTR8UVMT2FunmHAqYqPw4dQZbPsMH46nHotItUWJ60bM61Fjg0qqnSUnAUbQ0Tt3UobJnPUrt1TZbs5EFa5Ef3nabG1bjhWHrWoAUBmcYwoWfG3qMf2WZan3AbGnFbZbYGvV1cr00GfwpTb42bnRTUbFVm74PT32QsvpQtUOYt7uVmbu4srUYrBIUmPt5mZb8PPMF3dvm0dMImWZau46nY3sjgVcJcPG7YuZbv1CZd&mediaDataID=6807466&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=avnsAGtMPm4UTgUpMDGhl53J3pFAlRcfg8JtjZdTVvBC7IyopbZcJrcvYGOswSNA3IniZdtZaI5rQZa1q3HDoU9JA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
10
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b61b0000fa445631d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf034b91fa44-AMS
content-encoding
gzip
p.media
s.tribalfusion.com/ Frame 662D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aumTR80UUIVmqo5mUdRmfD4WFs1dnImdao5mQR4sr7Vc39UsJhRAFNTWMPUFjY5bIwUarpVTJcSEJZdSGBCQUmsStv8UGQU2FeqodIOYTPp2tbAPsvF4PFImdEyTdQ8Ybv81Ufl0aasPbUZbTbr3Td32nFQnPFZbpYTno5TUk2avRmEMD1r7fWWbWombImc7motfG2qvk3HZas4mfZamrUE0Gf01cF33cbKqdLnZcH&mediaDataID=9148826&mediaName=frame.html
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aumTR80UUIVmqo5mUdRmfD4WFs1dnImdao5mQR4sr7Vc39UsJhRAFNTWMPUFjY5bIwUarpVTJcSEJZdSGBCQUmsStv8UGQU2FeqodIOYTPp2tbAPsvF4PFImdEyTdQ8Ybv81Ufl0aasPbUZbTbr3Td32nFQnPFZbpYTno5TUk2avRmEMD1r7fWWbWombImc7motfG2qvk3HZas4mfZamrUE0Gf01cF33cbKqdLnZcH&mediaDataID=9148826&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=avnsAGtMPm4UTgUpMDGhl53J3pFAlRcfg8JtjZdTVvBC7IyopbZcJrcvYGOswSNA3IniZdtZaI5rQZa1q3HDoU9JA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
date
Wed, 28 Oct 2020 18:33:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d4b9cd0c06f2204f4abb17b69751e82981603910016; expires=Fri, 27-Nov-20 18:33:36 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
46
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
061215b61c0000fa44261a6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5e96bf034b93fa44-AMS
content-encoding
gzip
truncated
/ Frame A0C7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a3df64e73b28d6e855d6465f5326c9fd3f77243cbed9afb41ce21bbf2d2918b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 45D5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame EAB1 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=41252078;rtbwp=6fX3PPo5uCqRuXNlDlbVnmhxCuqQJO2E0;rtbdata=9_S0jokeAZcjF5Q8EPR9o6-IkMUf3b6B2h1ke4NqKYJFAT0aQHd1bfUEE_2_BgOoJU--Jc3qTy0SpGCoWSMBcpbaCPXhsyZvqUIn6-JtIOdSk3XppYty2xZWR_iCcvNDjDd1t9UMo4wDL81fWZGET03eJbyqipyJBbURAEK9rBP_XpT9W25h2k21tviswzEfKiqJfZI2cHXKTYH8eBVmq60QbK1WgcOBQKaWKxhXABU0RwOhweQQxrP9GEdSnheoG4WBa2YruCEcLkTySx-jVcNFXaZ6sac-aeuvCozNTJ-gzH0mM8lu0ahCy9qi5w0EXQjGTx0OR6kDadSQWjls3eW1_VhbH1FQ9aIt_nm5mO2boIS2C7KvnBDoOs3qFl3euSG7LQ-DTvWAak54dzP_xYaO387yX1xTeHDGZhtS48HC6XobdUD88zlQl1MEdE0Lo-x_4eL146pjLOQ1St0czxs_yo5fT5CXhUXwJHUNEDhzLTMmt9MJeOW5L7Jt5K97NqCLmxydmOzHOmF9eRmb8q_1QDzjoJ565quJ14jEm_npKNweuV4E_1yqN7vNyqUlASFGKhiU_rnW5cfBNA7q6VtS8Vq49yZxp-2k5gTo9kx0DDzKc0Hr-95GeD1e19mrsfxMpQTVyK02SmfNIzMn3BTO55tIvV4cQsICMdF_6R-fuEtE2hF-AawN3GDlju9AeQcnBI4Ovmg1;csid=60999;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=xZxxCazD0UUqHMLsI0XOHZiVRV91hr4ixAXLe1uKemSmLjooOXN9u5T7WXJg35mT3VYN4Yze8-Yqmn0N_R0iVnyodprii-IX6Hv5ZOm5JomfVuMDQ2y6rujuEAkPuxjSJU--Jc3qTy0SpGCoWSMBcpbaCPXhsyZvcu_rbS-UVFlMdNVl83PDrW-hn2AAo2e72Z_LqvsiVbwuA2SFq55Ae-xWNaH_92N20;icid=2589543603796315587;icidt=637395068159481065;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
652aa3a15b05e157b7229123aaf8842a34dfac5cc9ae432edfffe3f06336f61d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2020 14:45:18 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Oct 2020 21:46:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C5A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9A9L_QpF1ubsAto5XbRLZu4ivsavRYlB15N7WbJD7CxFlNlkXr-hNOFtOaal-vrc5aHIBw3PIO39m-05k9yDgi02Fi0cigw4r953R8fpUYI5GOz3-efTEa-Cu_EPGyKBaziaBpL_1kAv-5-jxAVT1B_n8lQ7VWynhPNfJR3FDVr3yaEpToliecRpXJ_ebY6R9GFTtLHMBIG4e8QYAoar1w_8O3B76cXXMPNPp8HLO7PPt040BBxViBXpyfrWDPBPlvjvAryNGbsNVVNnkZ2qOlU2tmQ&sig=Cg0ArKJSzPIpF_7HPAEfEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:36 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C5A6 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28777
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame A0C7 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 1AB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 18:28:32 GMT
expires
Thu, 28 Oct 2021 18:28:32 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
304
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
stpd200611_3.js
cloud.setupad.com/postbid/ Frame 2D4B 		626 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.setupad.com/postbid/stpd200611_3.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
178.77.190.35.bc.googleusercontent.com
Software
nginx/1.14.1 /
Resource Hash
bed373320baaf76ddc3e345b527674a8aabb86e72b000c363bbc5fed4d7f82e0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 00:53:21 GMT
content-encoding
gzip
age
668415
status
200
alt-svc
clear
content-length
206701
access-control-allow-origin
*
last-modified
Tue, 25 Aug 2020 07:44:24 GMT
server
nginx/1.14.1
etag
W/"5f44c158-9c88b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 google
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=2592000,public
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Fri, 20 Nov 2020 00:53:21 GMT
/
track.adform.net/adfserve/ Frame EAB1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=41252078;rtbwp=6fX3PPo5uCqRuXNlDlbVnmhxCuqQJO2E0;rtbdata=9_S0jokeAZcjF5Q8EPR9o6-IkMUf3b6B2h1ke4NqKYJFAT0aQHd1bfUEE_2_BgOoJU--Jc3qTy0SpGCoWSMBcpbaCPXhsyZvqUIn6-JtIOdSk3XppYty2xZWR_iCcvNDjDd1t9UMo4wDL81fWZGET03eJbyqipyJBbURAEK9rBP_XpT9W25h2k21tviswzEfKiqJfZI2cHXKTYH8eBVmq60QbK1WgcOBQKaWKxhXABU0RwOhweQQxrP9GEdSnheoG4WBa2YruCEcLkTySx-jVcNFXaZ6sac-aeuvCozNTJ-gzH0mM8lu0ahCy9qi5w0EXQjGTx0OR6kDadSQWjls3eW1_VhbH1FQ9aIt_nm5mO2boIS2C7KvnBDoOs3qFl3euSG7LQ-DTvWAak54dzP_xYaO387yX1xTeHDGZhtS48HC6XobdUD88zlQl1MEdE0Lo-x_4eL146pjLOQ1St0czxs_yo5fT5CXhUXwJHUNEDhzLTMmt9MJeOW5L7Jt5K97NqCLmxydmOzHOmF9eRmb8q_1QDzjoJ565quJ14jEm_npKNweuV4E_1yqN7vNyqUlASFGKhiU_rnW5cfBNA7q6VtS8Vq49yZxp-2k5gTo9kx0DDzKc0Hr-95GeD1e19mrsfxMpQTVyK02SmfNIzMn3BTO55tIvV4cQsICMdF_6R-fuEtE2hF-AawN3GDlju9AeQcnBI4Ovmg1;csid=60999;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=xZxxCazD0UUqHMLsI0XOHZiVRV91hr4ixAXLe1uKemSmLjooOXN9u5T7WXJg35mT3VYN4Yze8-Yqmn0N_R0iVnyodprii-IX6Hv5ZOm5JomfVuMDQ2y6rujuEAkPuxjSJU--Jc3qTy0SpGCoWSMBcpbaCPXhsyZvcu_rbS-UVFlMdNVl83PDrW-hn2AAo2e72Z_LqvsiVbwuA2SFq55Ae-xWNaH_92N20;icid=2589543603796315587;icidt=637395068159481065;;js=1;adfxid=2x;6054;set=en-US|en-US|1600X1200|0|950|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwebfonts.ffonts.net%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04299d3d6c4dcc035a987abcc689a37fc94df02fe3bc13d9bb1d27f6a8221339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
4123
expires
-1
truncated
/ Frame C5A6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
735ab7353db72d77f8bad14687e7fcdf8931079175ffc9c2c82af8cb8bdc6d1a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
B24499893.286006679;dc_pre=CJL_trb21-wCFZfAuwgdvAYFqg;dc_trk_aid=479804323;dc_trk_cid=140227115;ord=22306;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7B...
ad.doubleclick.net/ddm/trackimp/N137008.1932310LIGHTREACTION/ Frame EAB1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N137008.1932310LIGHTREACTION/B24499893.286006679;dc_trk_aid=479804323;dc_trk_cid=140227115;ord=22306;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
  • https://ad.doubleclick.net/ddm/trackimp/N137008.1932310LIGHTREACTION/B24499893.286006679;dc_pre=CJL_trb21-wCFZfAuwgdvAYFqg;dc_trk_aid=479804323;dc_trk_cid=140227115;ord=22306;dc_lat=;dc_rdid=;tag_f...
42 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N137008.1932310LIGHTREACTION/B24499893.286006679;dc_pre=CJL_trb21-wCFZfAuwgdvAYFqg;dc_trk_aid=479804323;dc_trk_cid=140227115;ord=22306;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s20-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N137008.1932310LIGHTREACTION/B24499893.286006679;dc_pre=CJL_trb21-wCFZfAuwgdvAYFqg;dc_trk_aid=479804323;dc_trk_cid=140227115;ord=22306;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EAB1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8a1639be638f6819c6bdd6b50c035815ec62d08ebd840336f2557acdd7bdc18

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
localstore.js
script.4dex.io/ Frame 2D4B 		450 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1233
status
200
x-amz-request-id
BC829EFC67C113E0
x-amz-id-2
YuietsERp1A20eDVToZdly/QsbWddZhL4SwU8rXgJle1qqRlmnbj6gkVkyfomsFFH9pstqFUOIA=
last-modified
Mon, 14 Sep 2020 09:32:14 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FHJQ9qk48cKcntPdYhhCCDQsAB9Bj1PYYhMNLEjxb%2BuIXJ1lkVWnkRRmRdPah%2FpRDysdToZU3ro2NU70CGqqbBi7gSEYiUMmia6fLmvsQC6J%2FuACzWK1aNq%2BUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
061215b79b0000dfadbbbaf000000001
cf-ray
5e96bf05cb48dfad-FRA
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2D4B 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:31:29 GMT
content-encoding
gzip
server
Server
age
126
etag
14b87a812615d68493a97e70b7b323fb
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hv5TJ5olJXJGR0nTi7Ts8FWMbOMEFduKpvGixTinsWYia9npk-7VgQ==
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
gpt.js
www.googletagservices.com/tag/js/ Frame 2D4B 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f650a88d4150fcff42f320ff7a0896d76967a0d3950658bfd81d07cbad21ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"677 / 210 of 1000 / last-modified: 1603883841"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17731
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:36 GMT
sid
mug.criteo.com/ Frame 2D4B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwebfonts.ffonts.net%2F&domain=webfonts.ffonts.net&bundle=6mAqH182Qmd1SXYyc3lnY2IwMnZTcUNoTmVQbDBiZDl4SjRPakZKT1lZS2dsSGRqNEJjM1V6Y...
  • https://mug.criteo.com/sid?cpp=Jwd6lHxsNXhha1o5dndhbEE2SDhxTzhlcEcyeXV0RFJjVDNGejEvWlFxMEtJR3ZhUzh2UE9MZFNPelJGdERQRDYwRktrZGgyMWhRRmFLRkNMSDNvTlZvZ0pmSGt0bElta25Ib243UjlYa1FFRzZMSXZXcVNQaTNsUFRPWV...
350 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Jwd6lHxsNXhha1o5dndhbEE2SDhxTzhlcEcyeXV0RFJjVDNGejEvWlFxMEtJR3ZhUzh2UE9MZFNPelJGdERQRDYwRktrZGgyMWhRRmFLRkNMSDNvTlZvZ0pmSGt0bElta25Ib243UjlYa1FFRzZMSXZXcVNQaTNsUFRPWVFmQ3RqUjRXZGo2L2NuNUs0aUxKeGRxNlU0SW1XL1ZTOUVSeGlaOW80enFabHNZc0NGakppUFUzSGI4Rlh1VFFpZTk1VVhzS0lIUmVnVmlPK0I2bi95emN5b0pmNkpVSFRDMFhNZzBHZTRpTTZQTmdHU3lNPXw&cppv=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
fafc139d18c4a7383cc1eb68ffaa3afb1ab3be1138074518efa8a3a4f9226e56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Oct 2020 18:33:36 GMT
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1258
content-length
350
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
status
302
date
Wed, 28 Oct 2020 18:33:36 GMT
location
https://mug.criteo.com/sid?cpp=Jwd6lHxsNXhha1o5dndhbEE2SDhxTzhlcEcyeXV0RFJjVDNGejEvWlFxMEtJR3ZhUzh2UE9MZFNPelJGdERQRDYwRktrZGgyMWhRRmFLRkNMSDNvTlZvZ0pmSGt0bElta25Ib243UjlYa1FFRzZMSXZXcVNQaTNsUFRPWVFmQ3RqUjRXZGo2L2NuNUs0aUxKeGRxNlU0SW1XL1ZTOUVSeGlaOW80enFabHNZc0NGakppUFUzSGI4Rlh1VFFpZTk1VVhzS0lIUmVnVmlPK0I2bi95emN5b0pmNkpVSFRDMFhNZzBHZTRpTTZQTmdHU3lNPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1112
content-length
482
expires
0
cdb
bidder.criteo.com/ Frame 2D4B 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0-pre&cb=38009595489
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:36 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://webfonts.ffonts.net
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 2D4B 		19 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:37 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid
7c9d0274-d963-424a-9371-f03cd1ab1a28
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2D4B 		268 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=179158&zone_id=1721018&size_id=15&alt_size_ids=9%2C8%2C10%2C48%2C126%2C179&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&rp_schain=1.0,1!setupad.com,67,1,,,&rf=https%3A%2F%2Fwebfonts.ffonts.net%2F&tk_flint=pbjs_lite_v3.23.0-pre&x_source.tid=1536a6ff-fe50-411b-8e64-d896450af5e9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9805011783968953
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5ee7708a31192d6f21138646bce0296c20a672bbe707e0be08dda31380662959

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
268
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 2D4B 		0
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.29 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:36 GMT
x-smrt-d
6%3b0%3b112
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2D4B 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:37 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://webfonts.ffonts.net
access-control-max-age
3600
access-control-allow-methods
POST
v1
dmx.districtm.io/b/ Frame 2D4B 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
cf-ray
5e96bf065b39d919-AMS
access-control-allow-headers
Content-Type, Origin
cf-request-id
061215b7f40000d919e78bb000000001
prebid
ib.adnxs.com/ut/v3/ Frame 2D4B 		19 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:37 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid
3a0ab40c-81d6-456d-928f-67937bf432d7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 2D4B 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4c3bffde2342661ce60686373100daa0e1a0d4c0cc87f0dbb719216e5084324d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
date
Wed, 28 Oct 2020 18:33:37 GMT
content-type
application/json
/
adx.adform.net/adx/ Frame 2D4B 		5 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNzYyOCZ0cmFuc2FjdGlvbklkPTE1MzZhNmZmLWZlNTAtNDExYi04ZTY0LWQ4OTY0NTBhZjVlOQ%3D%3D&pt=gross&stid=2cd852fc-1cc9-4559-83ec-d56f14ec47bd&gdpr=true&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&fd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:37 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
/
hb.emxdgt.com/ Frame 2D4B 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1603910016988&src=pbjs
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:36 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
arj
setupad-d.openx.net/w/1.0/ Frame 2D4B 		512 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwebfonts.ffonts.net%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=1536a6ff-fe50-411b-8e64-d896450af5e9&nocache=1603910016989&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&x_gdpr_f=1&criteoid=6P64Rl9JMTdoc2pJS25haDlLdmp4UnZBTGJFNVV0NmklMkZBYTVKOUxPdGxxJTJCVTRjbVBVZlh6M1UzV25KMnhoSnJsSEs5dDhicW5kUUdOSExVSnZRSW1lNW1vNHclM0QlM0Q&pubcid=35a81b29-dcd8-4e78-8b3b-1ae514d95d36&schain=1.0%2C1!setupad.com%2C67%2C1%2C%2C%2C&aus=300x600%2C300x250%2C300x300%2C160x600%2C250x600%2C120x600%2C140x600%2C200x600&divIds=div-custom-ad-1603910016672-0&auid=541157894
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash
5705d2ad152cbeb61438ffe8c163b5aeb2457a74748a3ce5c6737fb44cc1c294

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
server
OXGW/16.196.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
431
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame 2D4B 		25 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=268776&v=7.2&r=%7B%22id%22%3A%2223098faada3a26b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2224657cb9bc01cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2225464e46557ac6a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2226ad35bb1c0eaaf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2227dde6be6d3a6d6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22281c3d82d9dd7fe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2229a9caf2d0235d1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22304bf253fc0af24%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A140%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22314e38855800aaf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22268776%22%2C%22sid%22%3A%22ffonts.net_300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A200%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwebfonts.ffonts.net%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%2267%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA%22%7D%7D%7D&ac=j&sd=1
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e2a781c4480bd4f92c98e60955061694a7933e305a3a39e46bea40f3ff950f5

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Oct 2020 18:33:37 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Wed, 28 Oct 2020 18:33:37 GMT
bid
ap.lijit.com/rtb/ Frame 2D4B 		24 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0-pre
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
336c02ea40d77969b4feaa5cb5f3300fe65e7751a3ea8ef986ae8a21a9e976b2

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Oct 2020 18:33:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://webfonts.ffonts.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usync.html
eus.rubiconproject.com/ Frame 40CE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03ZRUZWfOgZ1rOqUPHfhRM3ya9WQiOHKKRWt2j6qYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexkkvGuuYKBWI6L8JKS3dwHNbrrxlA==; ses9=; vis9=179158^1; pux=1512%3D94891%262231%3D94891%262249%3D94891%262974%3D94891%263778%3D94891%26brx%3D94891%262249-DV360-Hosted%3D94891%26idl%3D94891%26; ses10=179158^1; vis10=179158^1; khaos=KGTQLZXI-1I-J1QA; ses2=; vis2=179158^1; ses15=; vis15=179158^1; audit=1|hLZGFuTafB2Um3DEJLiYnZqpp78UDnSwwMaMES+xNTEmFHtXaJBwHqMBjLwAc0Ym511Juy910DAOwzHLtYfPBFH/KItGfOsm80fqXgDTM/ToYVfJfpk7Kas9it41ZMvR+IqGFQnwfsHwuAF/phkZm7ouZ6HTnHrKe2CDh+z1P4X+uYmUf2oUN+xxqGrzs7XzYKnVDZYVK+aN5WmiEG6kjxlcHqL8WalIVlgncVP+nPk=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:37 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date
Wed, 28 Oct 2020 18:33:37 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.195/e/.wSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame EAB1 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.195/e/.wSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8696cee86999f6d03320e995abc00d260687ca83684f05c6c212a47456fe629d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2020 14:45:18 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Oct 2020 21:56:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45D5 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102201&jk=127927986575032&bg=!RkWlRWXNAAVp0lmVaVjer9XvOopeTgIAAADTUgAAABEKAXJjyzg6SVM8oettJEiwNW3oww0dqJaGgDCMV8EkaDcpwlwfW-AsYWksYZayCRNLU9pOAIRvlGvfxW3hNBIamtzlBdTX8fSdomNYD5G4fztrUy1iLjHm4AGI4uPowlmNFXoxCA7pyi-dQiTOEDdYF4HKmpzquxhafz5fXd0K9V2vkoEnfx5F3DAyzuwqZP43pLqc2kCiQRkaMMTJohqIieCMk6eRmmCVlZSqTP1MqHolo81QRt1m1iLhpvDpjUKTina5uuRcIYYyroLaAVQ9Y43uXqJM9XcKvOh-SLguFFXvRXRUEQLFMK8GPskpMjGAIg3X3VrLibHOtpXNHRE0ZuaZ3AqUncKpqH101tio1HXBiTveQV216ewGNlgszywbbfpUfCE9X0zP3bqEeTCLL62taFDOD5cL1ZJHzt3KWGrUPjEyRJa9iU3v0-Rgeg1RBXjLmzlLbiCxDLH2waSrmgrlhcN3XnfoljKN3kfZeWRW-vwDmQHPrYmxoorL925GuHC13MmEKRAfK--tciejmNS9XRLU0byMIqnEI_eXUQxae2vxtD8AVAztQZUMJFppLqazkZlzD62yY71ccp5zSjNXja50geGhNYDKTVv6kC4_p35h69Vl8tldJg4Voo7jMFer_KPyOtxhL0iIA2PD-2NzKnGpdf6pMB-SiyzOO0ICzJOkIGx68PTliz4MszKZNopcPcLgBgB_rCJciUbl7p3_ZBXVgCn1G-_t6_mprUA0yAM-CFnv5aGaASNL0-TXPuiE-ZCViKRYxQnXhlnOBC8eo9W9_AePNFnCKpP653hxhJsEv-qKwSjEf9guYNt8iEj4cI5OfK-U37dp-wx6sHYbQV8O1tvw72ibDVHq50BpXzZomxktxD8tfBo44Q6aIYNKh7bFEw4l-OFPsxANZNK11_ILuT0jLndn_qtMUtHYJuqwEVwaNYWlAA46baNhvGKV5LMXcumVIZADYPgXtVor5co7HUcNgLFDmm23ue3o0a8Y15IbjvHSJEiLMtkUqtGbZf42sN3Uk0KIN049U1YbH7cPNXcVvpcGIdvlbPETdT3q2wHwDld_dg_JcVdbQlyTtVL_DT8Jkp6iwXv0XyXAs1ALPA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adagio.js
script.4dex.io/ Frame 2D4B 		64 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3
status
200
access-control-allow-methods
GET
x-amz-request-id
2F91EC5F71DD0A0E
x-amz-id-2
hVXZsur1ndMPmF61Q3B8z/zm8RHCGASs1xWEVm1ATwtZgxjw2nlPejgmEqRt3US+Zxb8k+VZ4Sw=
last-modified
Mon, 14 Sep 2020 09:32:12 GMT
server
cloudflare
etag
W/"71c0e5f7067bdadc5d565e8027f77ec3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5vkeqykrGQ8o4laCjibU0Dc6sSKXlLF7Ltd8CgXj9WJdbg%2BIs99xl9xz6958o2lDbb59aGxKEHsMXAa8PyJ6UsnffYnkCtJX%2ByRN4pdoEUxCraWF%2FwNHbTyCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
061215b80100000eafe3994000000001
cf-ray
5e96bf066bfa0eaf-FRA
pubads_impl_2020102201.js
securepubads.g.doubleclick.net/gpt/ Frame 2D4B 		274 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 08:43:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98380
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:37 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2D4B 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 17:48:49 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
2688
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 30 Sep 2020 05:43:29 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 384bf15c1ac91d451725d766417680b1.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
qpELr8i9BZdCMU0VSNjUn0JqdXfar2miLgitXYenpcKyy7rRw0OMWg==
bid
c.amazon-adsystem.com/e/dtb/ Frame 2D4B 		451 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwebfonts.ffonts.net%2F&pid=lFlpdw04GxgO2&cb=0&ws=300x150&v=7.57.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22300x300%22%2C%22160x600%22%2C%22250x600%22%2C%22120x600%22%2C%22140x600%22%2C%22200x600%22%5D%2C%22sn%22%3A%22%2F147246189%2Fffonts.net_300x600%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.24.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
870fc8be88c7b729cbf67f1a2f68a51ae2e9fd14464acb34a4504cfa1a480344

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
ZAG50-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
access-control-allow-credentials
true
timing-allow-origin
*
content-length
388
via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
x-amz-cf-id
mVltz_yWDkxOaj8a_Xg_FTp_GXP-t63yM7pFClLGGkQoeUlGU2OUgA==
/
track.adform.net/csimpr/ Frame EAB1 		35 B
471 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=41252078&csi=za9AQ-uYVTM9hmL5_3_VC9vlzFbSvk3n4MtjbGk8v4zWccfIME0h_pQ0mtTo6nFLDmvliFF4HBzpF8T3U5Mchw2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:37 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
41452618.jpg
s1.adform.net/Banners/41452618/ Frame EAB1 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41452618/41452618.jpg?bv=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
428c181d8f812d33bb9a7b145ef1a324b5751183e0d06feac8abf9cb4aee28ae
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
last-modified
Wed, 28 Oct 2020 10:05:28 GMT
server
nginx
status
200
etag
"5f994268-8e91"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
36497
integrator.js
adservice.google.de/adsid/ Frame 2D4B 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2D4B 		109 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=webfonts.ffonts.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2D4B 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3039265847536121&correlator=1165342623980996&output=ldjh&impl=fifs&eid=21067995%2C21068364%2C21067753%2C21068231&vrg=2020102201&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201028&iu_parts=147246189%2Cffonts.net_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300%7C160x600%7C250x600%7C120x600%7C140x600%7C200x600&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.07%26hb_adid%3D3550e8b54dd4ee5%26hb_bidder%3Dpubmatic&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D5086dfa7090129b9%3AT%3D1603910016%3AS%3DALNI_MZKwYwLw0v1uuHUoxPMylNy4DupOQ&cdm=webfonts.ffonts.net&bc=31&abxe=1&dt=1603910017237&dlt=1603910016660&idt=538&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=177&adys=2995&adks=887410399&ucis=b7d5ib9na5ez&ifi=1&ifk=2497198394&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&iag=63&url=ffonts.net&loc=https%3A%2F%2Fwebfonts.ffonts.net%2F&top=webfonts.ffonts.net&dssz=11&icsg=8234&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x600&ga_vid=2141877335.1603910014&ga_sid=1603910017&ga_hid=1478713300&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e97ced5b90359ab20059ded2fc85e62cc09c86b5ac1baecf3880a53d1e3d3711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2183
x-xss-protection
0
google-lineitem-id
323970509
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303033272
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3fa4dd7d7ddd623184754540d8ee41d1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2D4B 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3fa4dd7d7ddd623184754540d8ee41d1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
iu3
aax-eu.amazon-adsystem.com/s/ Frame 8AB5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHG...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:37 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
65
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
User-Agent

Redirect headers

Server
Server
Date
Wed, 28 Oct 2020 18:33:37 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&dl=cnv&dcc=t
Vary
User-Agent
view
securepubads.g.doubleclick.net/pcs/ Frame C5A6 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvau5Dku0OqoSR1U4iPeXoznF-kz5POQq5dmHOvFv7xHUKFELHvOuCGs5S7spRIZ-9wEEesuDw8T3faPk0ZgCzGt2UVAyYO4cnYhecx7uSMxfWdDYI7n2paUV6nS_52E1ayS7zuyAt4MKvAGMv_wnKecrqYXpOpYkHzaMexz__-4dR2bMx8LrxG__obiXirrc06q7gxmIVw0uI4NA3RvBy3476DFBtBjjCZ-ONP3bKAc3ERiQZdpzaPkZ-DX1fzYUwiu3jQlJnIrbBzIwsbOSaivPjbUU5a&sig=Cg0ArKJSzMx29VHsojVxEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:37 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5796 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9udbV-ZZrlIJoGngvIxOG6Giv0XJ3EpZBuAJyRZHOuJpDp4WHOSR7vxsuWfyfZEfYVm04xIwb5phSxk3pytS7OPjM4VDzXH1ahrYOzLYFkIivEkG_D3Y6Pn5acc4RUGKumy04ZMtoRNATwqkaPdzq89lmTlMBT9N_BiaHeSiU2RhWRUlx8-NpFroA2rae2betBtqZ67x2pY_GOZ67ASiM1WpomBWIrGVYhDZzQ51gNUhc4QozDplBrpjna8jaW_MMD9-xNx9T&sig=Cg0ArKJSzBiFJZDiZU2oEAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:37 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
node.php
node.setupad.com/node/ Frame 2D4B 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
85-206-143-247.static.zebra.lt
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
status
200
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
/
track.adform.net/adfscript/ Frame 5796 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=41048607;rtbwp=0.127802;rtbdata=dAR1tpfEfIrCF6aEzam7gce1QdcjO6OhgYwdwq4Byoxg5WI0NpeZcmGnfm83niZd8Z92anOMHtyulgguiLC0xv1mfJo4td5DQXXieNCqO3hoCwU-WVpRbly7HJ9TVMM4KZObl0xr8vG8ABVa929zhId3X-5pmMNJli00qtqMslPXEdiRNwyUuo5LQ6qHk5T32k-xM3sooxxMt0ntFgbaVE79grqAGU2OIivYRlmgTIBjZeafTEYWWgHq6b2YSMkPxtCLGe78ynYbhYFrZiu4IfofBfSSUHsyPr8Qh8nSzCRp668KjM1Mn6DMfSYzyW7RqELL2qLnDQRdCMZPHQ5HqQNp1JBaOWzd5bX9WFsfUVD1oi3-ebmY7ZughLYLsq-cEOg6zeoWXd65IbstD4NO9YBqTnh3M__Fho7fzvJfXFN4cMZmG1LjwcLpeht1QPzzOVCXUwR0TQuj7H_h4vXjqmMs5DVK3RzPGz_Kjl9PkJeFRfAkdQ0QOHMtMya30wl45bkvsm3kr3s2oIubHJ2Y7Mc6YX15GZvyr_VAPOOgnnrmq4nXiMSb-eko3B65XgT_XKo3u83KpSUBIUYqGJT-udblx8E0DurpW1LxWrj3JnGn7aTmBOj2THQMPMpzQev73kZ4PV7X2aux_EylBNXIrTZKZ80jMyfcFM7nm0i9XhxCwgIx0X_pH5-4S0TaEX4BrA3cYOWO70DnmuRoHwLyP-FBboVeNKvP0
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e054c19318777efc07d97b9c5d0a58ab662ab120a9eff036a4019dce6755c4ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1328
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 5796 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28777
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:37 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 2D4B 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603712362387365"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2D4B 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8524cad34102ac8a64cacec2e280843acc63cbf83185e9295d1dc586e759770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6524
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2D4B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102201.js?21068364
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:37 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame DEB7 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 29 Oct 2020 18:33:37 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame 5796 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=41048607;rtbwp=0.127802;rtbdata=dAR1tpfEfIrCF6aEzam7gce1QdcjO6OhgYwdwq4Byoxg5WI0NpeZcmGnfm83niZd8Z92anOMHtyulgguiLC0xv1mfJo4td5DQXXieNCqO3hoCwU-WVpRbly7HJ9TVMM4KZObl0xr8vG8ABVa929zhId3X-5pmMNJli00qtqMslPXEdiRNwyUuo5LQ6qHk5T32k-xM3sooxxMt0ntFgbaVE79grqAGU2OIivYRlmgTIBjZeafTEYWWgHq6b2YSMkPxtCLGe78ynYbhYFrZiu4IfofBfSSUHsyPr8Qh8nSzCRp668KjM1Mn6DMfSYzyW7RqELL2qLnDQRdCMZPHQ5HqQNp1JBaOWzd5bX9WFsfUVD1oi3-ebmY7ZughLYLsq-cEOg6zeoWXd65IbstD4NO9YBqTnh3M__Fho7fzvJfXFN4cMZmG1LjwcLpeht1QPzzOVCXUwR0TQuj7H_h4vXjqmMs5DVK3RzPGz_Kjl9PkJeFRfAkdQ0QOHMtMya30wl45bkvsm3kr3s2oIubHJ2Y7Mc6YX15GZvyr_VAPOOgnnrmq4nXiMSb-eko3B65XgT_XKo3u83KpSUBIUYqGJT-udblx8E0DurpW1LxWrj3JnGn7aTmBOj2THQMPMpzQev73kZ4PV7X2aux_EylBNXIrTZKZ80jMyfcFM7nm0i9XhxCwgIx0X_pH5-4S0TaEX4BrA3cYOWO70DnmuRoHwLyP-FBboVeNKvP0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
652aa3a15b05e157b7229123aaf8842a34dfac5cc9ae432edfffe3f06336f61d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2020 14:45:18 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Oct 2020 21:46:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C4FC 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:37 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 29 Oct 2020 18:33:37 GMT
Cookie set check.html
biddr.brealtime.com/ Frame 881F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Date
Wed, 28 Oct 2020 18:33:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4d1597b0c35913983ad64259fe2b56271603910018; expires=Fri, 27-Nov-20 18:33:38 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
AE0RvqouPbkOBEtvGV5RTuEt8dTE683/uciqEpSpJJhpgW/sSWeb/SHb8V0ezR1pT3Q+EDXjlJY=
x-amz-request-id
51F3B84ACEF52004
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6667
Expires
Wed, 28 Oct 2020 18:34:38 GMT
Cache-Control
public, max-age=60
cf-request-id
061215bd5a00000c15798e2000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5e96bf0efcf30c15-AMS
Content-Encoding
gzip
pd
eu-u.openx.net/w/1.0/ Frame 4057 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=35a81b29-dcd8-4e78-8b3b-1ae514d95d36|1603910014
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=35a81b29-dcd8-4e78-8b3b-1ae514d95d36|1603910014; Version=1; Expires=Thu, 28-Oct-2021 18:33:38 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1603910018|gekin0vNiygu; Version=1; Expires=Thu, 12-Nov-2020 18:33:38 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.196.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 28 Oct 2020 18:33:38 GMT
content-type
text/html
content-length
760
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 068E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
X-Akamai-Path-Stats
[3:98006:1994]
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
index.html
cdn.districtm.io/ids/ Frame 65E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?gdpr=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html?gdpr=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:38 GMT
set-cookie
__cfduid=d6cad263ba639fe3a49293ad5166723a61603910018; expires=Fri, 27-Nov-20 18:33:38 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
061215bcf00000d91923823000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5e96bf0e4d09d919-AMS
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame EAF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=5062301763140123652
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 28 Oct 2020 18:33:38 GMT
Age
15167358
X-Served-By
cache-lga21948-LGA, cache-hhn4021-HHN
X-Cache
HIT, HIT
X-Cache-Hits
236858, 1885586
X-Timer
S1603910018.391287,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 92E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156191:5; chkChromeAb67Sec=1; SyncRTB3=1605052800%3A21_13_56_161_220%7C1605139200%3A35; KADUSERCOOKIE=1BB5A203-94EC-4A7C-B3F0-D0154702DD1F; PUBMDCID=3; KRTBCOOKIE_391=22924-7257619241315354536; KRTBCOOKIE_336=5844-7871467943501614992; PugT=1603910017
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:109:891]
Cache-Control
public, max-age=36219
Expires
Thu, 29 Oct 2020 04:37:17 GMT
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5D41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03ZRUZWfOgZ1rOqUPHfhRM3ya9WQiOHKKRWt2j6qYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexkkvGuuYKBWI6L8JKS3dwHNbrrxlA==; ses9=; vis9=179158^1; pux=1512%3D94891%262231%3D94891%262249%3D94891%262974%3D94891%263778%3D94891%26brx%3D94891%262249-DV360-Hosted%3D94891%26idl%3D94891%26; ses10=179158^1; vis10=179158^1; khaos=KGTQLZXI-1I-J1QA; ses2=; vis2=179158^1; ses15=; vis15=179158^1; audit=1|hLZGFuTafB2Um3DEJLiYnZqpp78UDnSwwMaMES+xNTEmFHtXaJBwHqMBjLwAc0Ym511Juy910DAOwzHLtYfPBFH/KItGfOsm80fqXgDTM/ToYVfJfpk7Kas9it41ZMvR+IqGFQnwfsHwuAF/phkZm7ouZ6HTnHrKe2CDh+z1P4X+uYmUf2oUN+xxqGrzs7XzYKnVDZYVK+aN5WmiEG6kjxlcHqL8WalIVlgncVP+nPk=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame EAB1 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_d-tHuutLGdA6GxYDTEZN2VtH9XhiBDR94Fag2eCWsd1daqUvFhvM7O_gLZH5EPcC3J_vv6Opzw2_c6_0_X6Dh7eZEEY9Q-SgthCfwTaGjy4RGjbIfxUF3Hdxz3r_9j5nRldpajMA5IMCaiVjcvtbmTh3ZipoD_cTTG2kL_-GLMBMEp8prmcZmhRSpmCB9A7u-ulNfi6NwFIIeA1-ynLgZOU9rqaLHVbQJv0tDhErl6E7gbzUFSKYwFfedpn_zTaMJEinwBr1Z8Zq4Ig_R7iFrRDhrg&sig=Cg0ArKJSzBjm5xkVk-b1EAE&urlfix=1&adurl=
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:37 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame BAC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156191:5; chkChromeAb67Sec=1; SyncRTB3=1605052800%3A21_13_56_161_220%7C1605139200%3A35; KADUSERCOOKIE=1BB5A203-94EC-4A7C-B3F0-D0154702DD1F; PUBMDCID=3; KRTBCOOKIE_391=22924-7257619241315354536; KRTBCOOKIE_336=5844-7871467943501614992; PugT=1603910017
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:109:891]
Cache-Control
public, max-age=36219
Expires
Thu, 29 Oct 2020 04:37:17 GMT
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 5568 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?gdpr=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html?gdpr=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:38 GMT
set-cookie
__cfduid=d6cad263ba639fe3a49293ad5166723a61603910018; expires=Fri, 27-Nov-20 18:33:38 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
061215bcfe0000d919ef120000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5e96bf0e6d36d919-AMS
usync.html
eus.rubiconproject.com/ Frame 18CF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03ZRUZWfOgZ1rOqUPHfhRM3ya9WQiOHKKRWt2j6qYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexkkvGuuYKBWI6L8JKS3dwHNbrrxlA==; ses9=; vis9=179158^1; pux=1512%3D94891%262231%3D94891%262249%3D94891%262974%3D94891%263778%3D94891%26brx%3D94891%262249-DV360-Hosted%3D94891%26idl%3D94891%26; ses10=179158^1; vis10=179158^1; khaos=KGTQLZXI-1I-J1QA; ses2=; vis2=179158^1; ses15=; vis15=179158^1; audit=1|hLZGFuTafB2Um3DEJLiYnZqpp78UDnSwwMaMES+xNTEmFHtXaJBwHqMBjLwAc0Ym511Juy910DAOwzHLtYfPBFH/KItGfOsm80fqXgDTM/ToYVfJfpk7Kas9it41ZMvR+IqGFQnwfsHwuAF/phkZm7ouZ6HTnHrKe2CDh+z1P4X+uYmUf2oUN+xxqGrzs7XzYKnVDZYVK+aN5WmiEG6kjxlcHqL8WalIVlgncVP+nPk=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set check.html
biddr.brealtime.com/ Frame 6FCC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Date
Wed, 28 Oct 2020 18:33:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4d1597b0c35913983ad64259fe2b56271603910018; expires=Fri, 27-Nov-20 18:33:38 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
AE0RvqouPbkOBEtvGV5RTuEt8dTE683/uciqEpSpJJhpgW/sSWeb/SHb8V0ezR1pT3Q+EDXjlJY=
x-amz-request-id
51F3B84ACEF52004
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6667
Expires
Wed, 28 Oct 2020 18:34:38 GMT
Cache-Control
public, max-age=60
cf-request-id
061215bdc400000c15b783e000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5e96bf0faef00c15-AMS
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 19FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=5062301763140123652
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 28 Oct 2020 18:33:38 GMT
Age
15167358
X-Served-By
cache-lga21948-LGA, cache-hhn4030-HHN
X-Cache
HIT, HIT
X-Cache-Hits
236858, 4167475
X-Timer
S1603910018.423092,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 8F91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7zO8AT7zAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=35a81b29-dcd8-4e78-8b3b-1ae514d95d36|1603910014
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=35a81b29-dcd8-4e78-8b3b-1ae514d95d36|1603910014; Version=1; Expires=Thu, 28-Oct-2021 18:33:38 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1603910018|gekin0vNiygu; Version=1; Expires=Thu, 12-Nov-2020 18:33:38 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.196.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 28 Oct 2020 18:33:38 GMT
content-type
text/html
content-length
760
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 5F9A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
X-Akamai-Path-Stats
[3:98006:1994]
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
view
securepubads.g.doubleclick.net/pcs/ Frame A0C7 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt8pa6iciub88_ltOB9w1UVpftefVPy2fuiCNawbYTN_qo72LPYdxfyTHOYM95TLCfV5gHXs6qVMkUNVaqFniV3HR6g_XwkY1feIS-npWHrgluhbaWH-6UZtAzatswhCVDmDn2EpPNbKP30QoM-8nBtLM3wlcQdxlzeeWcG0lfecWRo-_eZ1709jw1GX3H4fDTCyVjkiSNO2c3Quvr-Z7UFRIwtpg7fiSrwUoHDls8lsWLlFueYQcl-d3QlpjcGyTwBL9PCsC8ytcKdq9ZYQ&sai=AMfl-YQhNOo3UWQdJfgXv-LYFqDu9IBvBmml9jiyhwrgeBUTDDxdt7eMZorAc7RXJ3IZIO3o-RO5UOSg_3XskxwLWrRMUP5WFqEP3Vo37yixTHMVzIO4lcnMaIzoxi2Umi0&sig=Cg0ArKJSzLsqzkzLPvTHEAE&urlfix=1&adurl=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:38 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A0C7 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1dcb8bc6fbcb278517347b26a76ea29596a73256a61b477c9572d585ca516bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6465
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame FCC9 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoh1dE5zpZKzDWxXYInCxj9zYS52WeZNsIyjw_QsSENpmWuuJqcV_whmAmOqG89K0S2FSi5Ke8fUTCyk8tmVHwE-ylL2ZGuzlvd1R4LUYr1p3ybKjT3dv1F4gsOhGi-YasRLo2LHufz_b8JzdOO1aI9BXEukbbuvT-QV_dExIzalN6IK4Qio9vxq6TIC12pAVv2Z4sPGMEigsjFd1oBGQ6bJa02ykiVo5J7HoQzyI5XvrOo50s-6I92MFJC07brJwtM9C31Nx1eK5nIak&sai=AMfl-YRKW_UcdmBdBzcBW_3O1zAXUWGVW-DvYocDBFmkSst0YRutd7zNSEYOUx6cM4UO6e1-EgjVPg5mVOY3UZ1MxL18kxA5w-14kSVqntE4unX2RxHb0O4Ec_R29Nn6XYE&sig=Cg0ArKJSzDRgCaS4gSgPEAE&urlfix=1&adurl=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:38 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FCC9 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201022&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8be0fd61df7a1d0eb1d18bd93c07005ecc812e891ad3829ffa028f67b666a9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6342
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 3FEC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=webfonts.ffonts.net&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=webfonts.ffonts.net&gdpr_consent=CO8AT7xO8AT7xAKABBENAxCMAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.IGPtV_T9fb2vj-_Z99_tkeY1f97y3t-wzhheMs-8NyZeX_B4Wv2MyvBX4JiQKGRgkunLBAQdtHGlcTQgBwIlViTLMYk2MjzNKJrJEmlsbO2dYGH9Pn8XT_ZKZ70-vv__7v3_f_334AAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
647
date
Wed, 28 Oct 2020 18:33:38 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame DEB7 		74 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 29 Oct 2020 18:33:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 340A 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7GMC99JoqWLeYigT2UEKWrl-r2qsmMpc_VhBvwSwYBK-r1sSYVL5aQC988FpjegLth67xzXV3QVIkdOjH75hN0TYR79vu_iK7xW3_8jheIy4SDeRLaZeQPBSGMh70dzpSHK_inka5OdYlgT02_L8Wv8FFv0ZnRNMz7STeHucHBjONPDU8TASBXsMJ5b_za2ceukJPYlero8T7--Op7kCnNVSE_tdAaxnA34BPAXmDoaFoeb4Pj1oOZFkn6GRarOGWlDycYMKltIwo8fZ1O4gs3khF9qg&sig=Cg0ArKJSzGmTyRIcNBxNEAE&urlfix=1&adurl=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:38 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame C4FC 		74 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 29 Oct 2020 18:33:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A0C7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FCC9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201022/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:38 GMT
/
track.adform.net/adfserve/ Frame 5796 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=41048607;rtbwp=0.127802;rtbdata=dAR1tpfEfIrCF6aEzam7gce1QdcjO6OhgYwdwq4Byoxg5WI0NpeZcmGnfm83niZd8Z92anOMHtyulgguiLC0xv1mfJo4td5DQXXieNCqO3hoCwU-WVpRbly7HJ9TVMM4KZObl0xr8vG8ABVa929zhId3X-5pmMNJli00qtqMslPXEdiRNwyUuo5LQ6qHk5T32k-xM3sooxxMt0ntFgbaVE79grqAGU2OIivYRlmgTIBjZeafTEYWWgHq6b2YSMkPxtCLGe78ynYbhYFrZiu4IfofBfSSUHsyPr8Qh8nSzCRp668KjM1Mn6DMfSYzyW7RqELL2qLnDQRdCMZPHQ5HqQNp1JBaOWzd5bX9WFsfUVD1oi3-ebmY7ZughLYLsq-cEOg6zeoWXd65IbstD4NO9YBqTnh3M__Fho7fzvJfXFN4cMZmG1LjwcLpeht1QPzzOVCXUwR0TQuj7H_h4vXjqmMs5DVK3RzPGz_Kjl9PkJeFRfAkdQ0QOHMtMya30wl45bkvsm3kr3s2oIubHJ2Y7Mc6YX15GZvyr_VAPOOgnnrmq4nXiMSb-eko3B65XgT_XKo3u83KpSUBIUYqGJT-udblx8E0DurpW1LxWrj3JnGn7aTmBOj2THQMPMpzQev73kZ4PV7X2aux_EylBNXIrTZKZ80jMyfcFM7nm0i9XhxCwgIx0X_pH5-4S0TaEX4BrA3cYOWO70DnmuRoHwLyP-FBboVeNKvP0;js=1;adfxid=3x;8344;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwebfonts.ffonts.net%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cedc2dd553b4cb6ddbe1d06b08a45b987926511f545dffb11c25095c42693154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
3134
expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame F715 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 18:28:32 GMT
expires
Thu, 28 Oct 2021 18:28:32 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
306
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 45E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 18:28:32 GMT
expires
Thu, 28 Oct 2021 18:28:32 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
306
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame C4C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Wed, 28 Oct 2020 18:28:32 GMT
expires
Thu, 28 Oct 2021 18:28:32 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
306
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3B95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=1BB5A203-94EC-4A7C-B3F0-D0154702DD1F; PUBMDCID=3; KRTBCOOKIE_391=22924-7257619241315354536; KRTBCOOKIE_336=5844-7871467943501614992; PugT=1603910017; KCCH=YES; pi=156191:3; chkChromeAb67Sec=2; DPSync3=1603929600%3A174%7C1605052800%3A201_197_219; SyncRTB3=1604448000%3A2_15_67%7C1605139200%3A35%7C1604707200%3A63%7C1606435200%3A203%7C1609027200%3A69%7C1605052800%3A21_8_55_189_56_3_223_22_204_165_222_13_7_166_81_220_71_54_5_104_161_99_88_176_78
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:109:891]
Cache-Control
public, max-age=36219
Expires
Thu, 29 Oct 2020 04:37:17 GMT
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame BFE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156191&siteId=715283&adId=2927004&adType=10&adServerId=243&kefact=0.090739&kaxefact=0.090739&kadNetFrequecy=0&kadwidth=300&kadheight=600&kadsizeid=26&kltstamp=1603910017&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.127802&dcId=3&tldId=61233991&passback=0&svr=BID22440U&adsver=_1851472263&adsabzcid=0&ekefact=gbmZX4iNAQCDAw-Q00kUQH1bjTInHhjE3MVRLbkRjfrp8MNf&ekaxefact=gbmZX5mNAQD5-jgGJaOvY8Z6AvmfJnNAqvdYHlO_K66WY5DR&ekpbmtpfact=gbmZX6mNAQBhTJC8ukXIJUgglMQJDF8X0BBZwxsq4YVoQZpf&pubBuyId=15596&crID=41048607&lpu=rs-online.com&ucrid=2609114322073615480&campaignId=22924&creativeId=0&pctr=0.000000&wDSPByrId=4540&wDspId=391&wbId=10&wrId=0&wAdvID=79286&wDspCampId=2061609&isRTB=1&rtbId=8BF96355-3F03-40FC-ADE3-8F78F1F6562A&imprId=DE26E88D-A4D0-4B32-BCE7-585CC2CE2C2A&oid=DE26E88D-A4D0-4B32-BCE7-585CC2CE2C2A&cntryId=180&domain=webfonts.ffonts.net&pageURL=https%3A%2F%2Fwebfonts.ffonts.net%2F&sec=1&pmc=1&pAuSt=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
aktrack.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=1BB5A203-94EC-4A7C-B3F0-D0154702DD1F; PUBMDCID=3; KRTBCOOKIE_391=22924-7257619241315354536; KRTBCOOKIE_336=5844-7871467943501614992; PugT=1603910017; pi=156191:3; chkChromeAb67Sec=2; DPSync3=1603929600%3A174%7C1605052800%3A201_197_219; SyncRTB3=1604448000%3A2_15_67%7C1605139200%3A35%7C1604707200%3A63%7C1606435200%3A203%7C1609027200%3A69%7C1605052800%3A21_8_55_189_56_3_223_22_204_165_222_13_7_166_81_220_71_54_5_104_161_99_88_176_78
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Content-Type
text/html
Content-Length
0
Date
Wed, 28 Oct 2020 18:33:38 GMT
Connection
keep-alive
truncated
/ Frame 5796 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db319c75633168393333febe18a84acc16d2006f66b46dc347f9777eae33d817

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
Standard
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.195/e/.wSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 5796 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.195/e/.wSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8696cee86999f6d03320e995abc00d260687ca83684f05c6c212a47456fe629d

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:38 GMT
content-encoding
gzip
last-modified
Fri, 23 Oct 2020 14:45:18 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 29 Oct 2020 21:56:07 GMT
/
track.adform.net/csimpr/ Frame 5796 		35 B
462 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=41048607&csi=WHJ8PRzuSYixZeiTxhBGSFz6suVinQfH3wkhkFPykejWccfIME0h_kxA8MBuSVn-oyWrEx1YERXpF8T3U5Mchw2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:39 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
38295778.jpg
s1.adform.net/Banners/38295778/ Frame 5796 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/38295778/38295778.jpg?bv=2
Requested by
Host: webfonts.ffonts.net
URL: https://webfonts.ffonts.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1473ed301fd0aa6228474a3ebb2b2cf8c5a55a83fa43fedd1cfd0e0c70066aa5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:39 GMT
last-modified
Mon, 04 May 2020 10:06:25 GMT
server
nginx
status
200
etag
"5eafe921-2448e"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
148622
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 45D5 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:39 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 29 Oct 2020 18:33:39 GMT
index.html
cdn.districtm.io/ids/ Frame CD8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?gdpr=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html?gdpr=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:39 GMT
set-cookie
__cfduid=da2717bfd8b3ed2b495c45c5f29a05c4b1603910019; expires=Fri, 27-Nov-20 18:33:39 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
061215c0880000d919ca269000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5e96bf140a5ad919-AMS
usync.html
eus.rubiconproject.com/ Frame A0BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt03ZRUZWfOgZ1rOqUPHfhRM3ya9WQiOHKKRWt2j6qYTD2eRvLWSDhFgX3ng06hUEE9RUpasHbexkkvGuuYKBWI6L8JKS3dwHNbrrxlA==; ses9=; vis9=179158^1; pux=1512%3D94891%262231%3D94891%262249%3D94891%262974%3D94891%263778%3D94891%26brx%3D94891%262249-DV360-Hosted%3D94891%26idl%3D94891%26; ses10=179158^1; vis10=179158^1; khaos=KGTQLZXI-1I-J1QA; ses2=; vis2=179158^1; ses15=; vis15=179158^1; audit=1|hLZGFuTafB2Um3DEJLiYnZqpp78UDnSwwMaMES+xNTEmFHtXaJBwHqMBjLwAc0Ym511Juy910DAOwzHLtYfPBFH/KItGfOsm80fqXgDTM/ToYVfJfpk7Kas9it41ZMvR+IqGFQnwfsHwuAF/phkZm7ouZ6HTnHrKe2CDh+z1P4X+uYmUf2oUN+xxqGrzs7XzYKnVDZYVK+aN5WmiEG6kjxlcHqL8WalIVlgncVP+nPk=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set check.html
biddr.brealtime.com/ Frame 7B66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Date
Wed, 28 Oct 2020 18:33:39 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df4cf8161559445ba33f891310a0616e51603910019; expires=Fri, 27-Nov-20 18:33:39 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
AE0RvqouPbkOBEtvGV5RTuEt8dTE683/uciqEpSpJJhpgW/sSWeb/SHb8V0ezR1pT3Q+EDXjlJY=
x-amz-request-id
51F3B84ACEF52004
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6668
Expires
Wed, 28 Oct 2020 18:34:39 GMT
Cache-Control
public, max-age=60
cf-request-id
061215c08600000c156711b000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5e96bf140b1c0c15-AMS
Content-Encoding
gzip
pd
eu-u.openx.net/w/1.0/ Frame 97D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT7-O8AT7-AKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=35a81b29-dcd8-4e78-8b3b-1ae514d95d36|1603910014; pd=v2|1603910018|gekin0vNiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=35a81b29-dcd8-4e78-8b3b-1ae514d95d36|1603910014; Version=1; Expires=Thu, 28-Oct-2021 18:33:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1603910018.1|kiiygevNgun0.mWgqsLommOns; Version=1; Expires=Thu, 12-Nov-2020 18:33:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.196.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 28 Oct 2020 18:33:39 GMT
content-type
text/html
content-length
604
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame F341 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
X-Akamai-Path-Stats
[3:98006:1994]
Date
Wed, 28 Oct 2020 18:33:39 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame BDAA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=5062301763140123652
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 28 Oct 2020 18:33:39 GMT
Age
15167359
X-Served-By
cache-lga21948-LGA, cache-hhn4030-HHN
X-Cache
HIT, HIT
X-Cache-Hits
236858, 4167479
X-Timer
S1603910019.293245,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 903B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/onplltelnq/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=1BB5A203-94EC-4A7C-B3F0-D0154702DD1F; PUBMDCID=3; KRTBCOOKIE_391=22924-7257619241315354536; KRTBCOOKIE_336=5844-7871467943501614992; KCCH=YES; pi=156191:3; chkChromeAb67Sec=2; DPSync3=1603929600%3A174%7C1605052800%3A201_197_219; SyncRTB3=1604448000%3A2_15_67%7C1605139200%3A35%7C1604707200%3A63%7C1606435200%3A203%7C1609027200%3A69%7C1605052800%3A21_8_55_189_56_3_223_22_204_165_222_13_7_166_81_220_71_54_5_104_161_99_88_176_78; SPugT=1603910018; KRTBCOOKIE_153=19420-ZuroUDG16Vt-u-QLa7z8UTa56Vt-ubNaYe9c5-OA&KRTB&22979-ZuroUDG16Vt-u-QLa7z8UTa56Vt-ubNaYe9c5-OA; KRTBCOOKIE_377=22918-d31478ca-6c2e-4bdb-8c46-2199cc67d79c&KRTB&23031-d31478ca-6c2e-4bdb-8c46-2199cc67d79c; PugT=1603910019; KRTBCOOKIE_27=16735-uid:ee025f99-b97f-4500-b1f0-2b86c124023c&KRTB&16736-uid:ee025f99-b97f-4500-b1f0-2b86c124023c&KRTB&23019-uid:ee025f99-b97f-4500-b1f0-2b86c124023c&KRTB&23114-uid:ee025f99-b97f-4500-b1f0-2b86c124023c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:109:891]
Cache-Control
public, max-age=36218
Expires
Thu, 29 Oct 2020 04:37:17 GMT
Date
Wed, 28 Oct 2020 18:33:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 5796 		0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIMQk7K5PwqV1u7RoxVRK38lHg7E1nHMNaVe5DfyqyyRGIbRnUjcOOy8waawlAPtMcj9TkGW88lriqiKH8wI_NjSB-qA_eB336EclvFoMGlH3-3pTNrc3wLFdJ5UCIJldpf6VRXToWVO6WnxyWLUe2Q5aUtGprCshq0Os8cxb9gYZwlRWqEH7_AllSamn0ONopP29B73npCPjHyPkDRP3_J_UGYlFWMMcL-xzWEyHAUOI6KXEvFyMo1td6fQqn_WPzoz0j7RKStDI&sig=Cg0ArKJSzO5lwrrSkTdJEAE&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Oct 2020 18:33:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 28 Oct 2020 18:33:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D4B 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102201&jk=3039265847536121&bg=!Xl2lXX3NAAXH5FQux1jLA8LYqtk6PAIAAAQyUgAAAHoKAJkCVg8yM8qLRR1RWrBmW0yXVnHFjaM6aujZbhXaApTN4Vo7q8qwc6C2j71lwMPoXWDkHmoedPhSOCALaPca_nVc8QB0z5QecpX-WAxHO3INg8LpyTG52ByR_skAWn7bmQqrZN5DCC8EX18q-ksqejE8T5IByPBlIR3XhgTWY1_GBOG3I2TBWi_ll8T45K73gqy43E1XlrM-X1GZAdUZlUpqu4n8fApPgVHGvNbxSLLBzlFhD-hSBIXRTZreLtJ2AZkOdrDoZVzSEs8pkfe6GSNDIIeURaggjPRyXeyFOm0Xa-tzmLzoheOLXEaC67D2Zfxj7Q4h2nKyNvB0KjPTncP0Zq2dCfrKRdX7NmQK15Vmjjhsewx376j1EIeo1HfDEqk6j9d7trGgE58tr9LCsRTJYHsVQdrdRktWInAXVQmiwtcd36L-68e57G_jMpCC8qHX9Ybd5vE-3BHgB7y5yIWo6yOGk2BapEo--QQ5TY9oos0iUf-IhFW0sJU-TUTomXqXxD2gSZgJ1E3rHP4FDKqtOGselhrx-G5MPURlKBh3dNekHXqtgcOpqAQPN4sC6jmiVfLcR8Gx8nsK7mK6O62Kg5JIXkscyrnfVP5QvCEriiAzkju3S_fpYcdW1jSqknUWX8xEP7elADXq4VQ2q6_vmp3-qEwkL60pACVE-AGfEMJ8MCQS5jgz53_PABo5MZbLJ8_nkzy1f-ZB5mKR2Hbt6LyGQOWLAGPKI__36zav-haCN-APifiM3SyxHg7X_leG5i-r8LZ6_qTdhEGumxm3fCMhyWHBMIcGmrFDICayW5m5UJ3dMWFlci_gtvCv72lB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A0C7 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gpt_2020102601&jk=651497422271598&bg=!qqmlqYnNAAVp0lmVaVhtWG0Asz0UpAIAAALKUgAAAD0KAJiAXlIB6jvA8HpE-4zm3KFtSyM_Aj8luPAeYgdzr3JZA672S6rtT5Bo-9FdgP6hOBRIKnWjh_LNZQf0nk-e-xaCUcQOXt6rtMkEFl2Mjo4pTpPoEhSW5Ln5qZCiXE9p6YbZlZPqDoLfWPcBye6kI9Vzq-RxokPzgr3MuWT5DIX2kODIkqxWywibA-HHIwjoW-P0CA-BvMSt-pkBspFfW8pYfgsLXPfSN576bFRVcrB0yXwOccQbN8EB8BNsWjGJnuVxUSxrQQpS0uR26JXfwEw7Qp4Z4kApCeQ-bthHS4w4Hm41IJ4BdktvwxUJOEuc0HaPpUaCVN6tEP3u06ABSTxxIRray6Y-L_f-dJynU02Pn9mACwt4-FLmXwaQJhV4imciRzf0WmnUJPvcKSIm4F_a3SN-iAMq1ptrEJW39-qIj6ZzmIRl1JhXpZG60jqub_Gu9R-f7myK45E8SzIQ7DXIhGYspX-cnlSUkh4EvMu318EFmHKwGxVCFWsrM5iBTgKw5hFjXaMwwRdQO91_5fUfxjfjlBPEGJLj010EL6H3xtN3hSIUc62urQ_nFOONU9H5nRHYSoSwmbZNZM_HupnD_YVehhRUnbrWE6xIVSBB2qBhF-rCI3HI9p7TQuEYJU7sPBp9OdbDqJjgYn_0p_PfhczJ6yHiGMOwIOjdCdovaN-HANQod_GrzDLViMH6cFkFI-BREvdEpiuusuNx9rh5B58Y0ujm5P_vQBmLMinFkrwi2ALp2YQzVd7IaqPCoOaXr0CcBcSvf8z1mB2m
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 2D4B 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 18:33:39 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 09:20:41 GMT
server
nginx
etag
W/"5f8eabe9-12977"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 29 Oct 2020 18:33:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCC9 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201022&jk=1901927532529967&bg=!YmGlYUHNAAVp0lmVaViLibXWpsS8EgIAAAMeUgAAAEYKAW02AlCV0Ydqj3fetdZCilqndqq8_T4T0VwbWJaKCXd7HInajf2lt7ze0cHN1WCnaEnAj-XUX78Y1-MTyQmBtBrtpejT36Oj9lwlLaWmEFaz66SS-UoB9iImJnAuN886_qF8yYn3hiAIPNZMLewynU0aONCM7Ja5rYpuOpdt5zsYJ6SnKC6WC9MedcDgCKWx2JRXMdJ5rq4wAyblHIRgZvdENhK7nnuXGY9qbGAJTts13oKEYJSppVu6Etgf4ujK4Q67K5AMstfcaGUfFwHoXaUUPJyxBCphLjxT9DHHyf5IQ3vsMNgGjUiusUY6hy9ZcfYEAwTVW8mwKj6L88oZlbmSi6BwSbdVPNcTVlLqLl8mYVKtJRaGkVrIkkNR9fy9L_q3fD43a-gTCc7hRpQzLoJ46GfeLyG3oUdXpzFDugp__YsCW8oQv0VkzF2WLqzMPUk9k1ThcPaX1D1hAdaY1rZktgOMTM_p-Dp3MsbBPpkBsudRYC4_5pnqygFzcuLpsEOG3CpkZqZlVPoC4uppcnik_vFnoG0tvqZwiEk2rV72Oy_QCfv0rfk4c7cBHqQ_YZ-tKQmtp1-sYyDNEr_wnkRP5iq4-Z3YHz3xL_TYl49OB0qGaTAg4Tdlb-YnhJtr1it1Tiv6d5bNGyVu8-KECmRztUcDQ_gcUSjj3LBsckVXq3LGpNywNLo83SFtlpRvGO3iTqRErzYVr0IXyR3gw8mHzofS920l-KMLDfNvkOJYJbBu_-wzFjz7ajACNQNL5iwA8-zQF1T2-pAKDiw5g__KYfk2tUo6DYcUfGNJ-UI-V_VkOeFg4T9ez3EEmOylmjAweETala42pTfT9FsLiXcVGKPpM9LTpXfDnugFsfff1kCjoxUQOFPa6QdiX_uU-OS8zlR5-bHExhYh6oIKI7BbkeAgR50SOVjuKZ85sgLBINsRH6GpQxYdTpKbrr-1sivuw0vBTlkRCqiCO6s2z4ci6ZBWHS0zw1kEeJoqmBdZDAdkY_bKmlen3c4Avco32kOZJSUpwxLIzfX_aundhe37p8A3jKJIDsD__MxYJ3Gzt6pm
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F288 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-68.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156191:2; KADUSERCOOKIE=381BAAA8-68DD-4861-A050-CA275204B549; chkChromeAb67Sec=1; DPSync3=1605052800%3A219_201_197%7C1603929600%3A174; SyncRTB3=1605052800%3A7_165_161_223_189_13_99_176_8_55_88_5_166_222_54_71_78_204_220_21_22_81_56_3%7C1606435200%3A203%7C1605139200%3A35%7C1604448000%3A15_67_2%7C1604707200%3A63; PugT=1603910019; PUBMDCID=3; KRTBCOOKIE_279=22890-191e587d-194c-11eb-bd5d-01929a0e2f4c; KRTBCOOKIE_391=22924-8854440487300250529; KRTBCOOKIE_336=5844-2425870215916980855; SPugT=1603910019; KRTBCOOKIE_107=1471-uid:qPDKKa9c1KxQgr5; KRTBCOOKIE_22=14911-8192563120335582310; KRTBCOOKIE_699=22727-AAPf9k6_M3MAABCHUsW_DQ; KRTBCOOKIE_153=19420-V8zCgACTw4pPzs6NWpPWgFLJw4lPm8PfA52DFfsT&KRTB&22979-V8zCgACTw4pPzs6NWpPWgFLJw4lPm8PfA52DFfsT; KRTBCOOKIE_377=22918-cf8573f1-a2d5-48d8-8076-c5f21bcb6a17&KRTB&23031-cf8573f1-a2d5-48d8-8076-c5f21bcb6a17; KRTBCOOKIE_27=16735-uid:792e5f99-b983-4700-957d-dce7cc9bcb80&KRTB&16736-uid:792e5f99-b983-4700-957d-dce7cc9bcb80&KRTB&23019-uid:792e5f99-b983-4700-957d-dce7cc9bcb80&KRTB&23114-uid:792e5f99-b983-4700-957d-dce7cc9bcb80; KRTBCOOKIE_32=11175-AAALz7whuqnamANuNbitAAAAAAA&KRTB&22714-AAALz7whuqnamANuNbitAAAAAAA&KRTB&22715-AAALz7whuqnamANuNbitAAAAAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
X-Akamai-Path-Stats
[1:109:891]
Cache-Control
public, max-age=36217
Expires
Thu, 29 Oct 2020 04:37:17 GMT
Date
Wed, 28 Oct 2020 18:33:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 21F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Mon, 28 Sep 2020 17:02:39 GMT
ETag
"4000c-123-5b062a240e9c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
238
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Oct 2020 18:33:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E4CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Server
Apache
Last-Modified
Tue, 06 Oct 2020 14:04:48 GMT
ETag
"e20015-8f4-5b10114f2003a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1136
X-Akamai-Path-Stats
[3:98006:1994]
Date
Wed, 28 Oct 2020 18:33:40 GMT
Connection
keep-alive
Cookie set check.html
biddr.brealtime.com/ Frame D72C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Date
Wed, 28 Oct 2020 18:33:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da7dc694cb30dd1b529c3d8539ffce25e1603910020; expires=Fri, 27-Nov-20 18:33:40 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
AE0RvqouPbkOBEtvGV5RTuEt8dTE683/uciqEpSpJJhpgW/sSWeb/SHb8V0ezR1pT3Q+EDXjlJY=
x-amz-request-id
51F3B84ACEF52004
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6669
Expires
Wed, 28 Oct 2020 18:34:40 GMT
Cache-Control
public, max-age=60
cf-request-id
061215c44000000c15799bb000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5e96bf1a0b4e0c15-AMS
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2AA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://webfonts.ffonts.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 28 Oct 2020 18:33:40 GMT
Age
15167360
X-Served-By
cache-lga21948-LGA, cache-hhn4047-HHN
X-Cache
HIT, HIT
X-Cache-Hits
236858, 3025656
X-Timer
S1603910020.263318,VS0,VE0
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 071C
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRg...
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4Ji...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.196.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=6c10845b-620b-0829-2b59-8caf60807ff5|1603910020
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=6c10845b-620b-0829-2b59-8caf60807ff5|1603910020; Version=1; Expires=Thu, 28-Oct-2021 18:33:40 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1603910020|gekin0vNiygu; Version=1; Expires=Thu, 12-Nov-2020 18:33:40 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.196.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 28 Oct 2020 18:33:40 GMT
content-type
text/html
content-length
704
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=6c10845b-620b-0829-2b59-8caf60807ff5|1603910020; Version=1; Expires=Thu, 28-Oct-2021 18:33:40 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.196.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=c59af140-ab96-4258-9229-9ffb6f7bc370&gdpr=1&gdpr_consent=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
date
Wed, 28 Oct 2020 18:33:40 GMT
content-length
0
via
1.1 google
alt-svc
clear
index.html
cdn.districtm.io/ids/ Frame 70CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html?gdpr=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
Requested by
Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611_3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html?gdpr=CO8AT8JO8AT8JAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://webfonts.ffonts.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://webfonts.ffonts.net/

Response headers

status
204
date
Wed, 28 Oct 2020 18:33:40 GMT
set-cookie
__cfduid=ded0bdf21a1db919978ec439cc280bcb11603910020; expires=Fri, 27-Nov-20 18:33:40 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
061215c44f0000d919e1a96000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
5e96bf1a1f12d919-AMS
/
track.adform.net/serving/unload/ Frame 340A 		35 B
462 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7257619241315354536@@40989724,4583682978704924111,0|0|0|0|0|0|0|0|0||0|0|84|BF98C17A-6219-4310-A368-5A1BD6DFE2B3_1|||1|0|0|aMKEmURN3oKJICqow47dV5UU9AViRovK0|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:41 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame EAB1 		35 B
471 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7257619241315354536@@41252078,1644818729210133493,0|0|0|0|0|0|0|0|0||0|0|1484|a2a01388199f485791c3414b56bf3c70-1-1484_85c3aafa297f4b6cad8d8d51d56d2269|||1|0|0|a3iVRKf58vR1LgvehifaN8XhoN_wMwPx0|xZxxCazD0UUqHMLsI0XOHZiVRV91hr4ixAXLe1uKemSmLjooOXN9u5T7WXJg35mT3VYN4Yze8-Yqmn0N_R0iVnyodprii-IX6Hv5ZOm5JomfVuMDQ2y6rujuEAkPuxjSJU--Jc3qTy0SpGCoWSMBcpbaCPXhsyZvcu_rbS-UVFlMdNVl83PDrW-hn2AAo2e72Z_LqvsiVbwuA2SFq55Ae-xWNaH_92N20||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:42 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 5796 		35 B
462 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7257619241315354536@@41048607,6869068998978650407,0|0|0|0|0|0|0|0|0||0|0|84|8BF96355-3F03-40FC-ADE3-8F78F1F6562A_1|||1|0|0|dvhkWI-dZCsxQCoxfJYQOkdxFPTVLSPX0|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://webfonts.ffonts.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Oct 2020 18:33:44 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://webfonts.ffonts.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| setCookie object| googletag object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga object| WebFont function| initPage function| checkformx function| checkform function| add_favorites function| validate function| OpenWindow function| OpenWindow1 function| verifyFormSubscribe function| showhide function| saveads function| stateChanged function| refresh function| refreshx function| stateChangedxx function| GetXmlHttpObject undefined| xmlHttp undefined| innerstr undefined| pagsunt undefined| idto function| stateChangeds function| faddmail function| hideinfo function| stateChangedr function| trim function| addSlashes function| resettext function| $ function| jQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| ADAGIO object| _ADAGIO object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| e9PageData object| google_image_requests object| google_reactive_ads_global_state object| Adform boolean| __adform_onload object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner

4 Cookies

Domain/Path Name / Value
.ffonts.net/ Name: _gid
Value: GA1.2.2132699192.1603910014
.ffonts.net/ Name: _ga
Value: GA1.2.2141877335.1603910014
.ffonts.net/ Name: _gat
Value: 1
webfonts.ffonts.net/ Name: PHPSESSID
Value: 18bekbpokoqvfplqsosknmplp7

3 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416)
Message:
Powered by AMP ⚡ HTML – Version 2010200130000 https://webfonts.ffonts.net/
console-api info URL: https://cdn.ampproject.org/rtv/012010200130000/amp4ads-v0.js(Line 416)
Message:
Powered by AMP ⚡ HTML – Version 2010200130000 https://webfonts.ffonts.net/
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102601.js?21068384(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/doubleclick-gpt/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

210270c03f63a4a5bd1e884e909a2c9f.safeframe.googlesyndication.com
23d8f5d6e8e6e46e667114d50c37d4e9.safeframe.googlesyndication.com
3fa4dd7d7ddd623184754540d8ee41d1.safeframe.googlesyndication.com
49d7fc634bd7a0cfe272724f8183ab49.safeframe.googlesyndication.com
55ff61c2acc664461338b25e95d90e78.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
adlv.hit.gemius.pl
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
aktrack.pubmatic.com
ap.lijit.com
as-sec.casalemedia.com
bidder.criteo.com
biddr.brealtime.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.districtm.io
cloud.setupad.com
cm.adform.net
d144mzi0q5mijx.cloudfront.net
d5p.de17a.com
dba6370adff5548cce34f75fd95309ed.safeframe.googlesyndication.com
dmx.districtm.io
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
js-sec.indexww.com
lv.adocean.pl
match.adsby.bidtheatre.com
mug.criteo.com
node.setupad.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
prg.smartadserver.com
pubads.g.doubleclick.net
rtb.4finance.com
s.tribalfusion.com
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
setupad-d.openx.net
static.criteo.net
stats.g.doubleclick.net
tags.expo9.exponential.com
tpc.googlesyndication.com
track.adform.net
webfonts.ffonts.net
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
104.111.215.135
104.111.215.68
104.111.230.142
104.16.68.69
104.17.120.107
104.18.13.5
104.18.5.23
151.101.113.108
167.99.220.155
178.250.2.131
178.250.2.146
18.196.104.43
185.184.8.30
185.33.221.89
185.64.189.112
185.86.139.29
2.18.233.180
213.155.156.181
216.58.206.6
216.58.212.162
2600:9000:20d7:9a00:1:c815:1b40:21
2606:4700:e2::ac40:8620
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:814::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81a::200a
2a00:1450:400c:c09::9c
2a02:2638:1::3
2a02:2638::1c
34.98.64.218
35.156.245.144
35.190.77.178
35.210.181.65
37.157.2.248
37.157.4.41
37.157.6.252
52.95.124.170
54.38.133.12
54.38.133.13
65.9.24.128
69.173.144.140
72.251.249.13
85.206.143.247
95.216.234.12
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
04299d3d6c4dcc035a987abcc689a37fc94df02fe3bc13d9bb1d27f6a8221339
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
051131286663a0b5cab64a1a73eeb8091669037ecfa6e88d922305aafe321f3d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af2f1e4d0d53bc53432665abe0e880b1b7cf93bd336c1745cfd40f7acf7a4e6
0b4413406b8803a84f26ac88c3e225cf679da60537028d89358c18205b700cbd
0b9fd46f854150452d9515658f7accd06a854ff7b12773fe7f1f555c13b45f65
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0ca5b4529fbe3b5121d49974e9c9ca6eacd961f634389fdcbea512356705e593
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10c9d0508882f4ae74af996a9f135420de2bb28da4965e20b25718b0230b0a9a
11854056884f2649578f55aafc2e104bc8f659a890e5e09c7b03fb5417f1cfff
11ce91ee3846aee32bd4be6cc847e21e1aac91453e20411237743dfdf888bec0
12a0f699f4e5d70b306e327cf7df01f3ed65552e839c0168a719f1c6f5b943bc
1473ed301fd0aa6228474a3ebb2b2cf8c5a55a83fa43fedd1cfd0e0c70066aa5
1912d1469f19594a867f06873cadfc7dbaeefd69a89604ad9c8e3bbdd72b5ebf
1b368b0a6e9a8d90b9eaf360d103911e1283d56cd10335b50c4ced50f8ca053f
1c79c62dba9212041721d3b2eb3802b249a514ccf890f33ae81a729273ddb1bd
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
24e45114e890671ba0e6fd7df20141fe44703220b8348e66e5ef34f0c9833371
278695c821ecae8c06a9f6ef90dd299df9efdee6e217c1806b23f75129c1a4af
2ac3b9a031b67c099b2b40b9a8bbe4b6670ef5938cfd0d6bba1f7f01800918b6
2b8f2895822ad7220579aaefc48ceef31a36829201e949c9df1e5e9a038f7c7d
2bda8123ba5973467277113283ab951c518d061c704e239c70cf8667c5af8345
2e2a781c4480bd4f92c98e60955061694a7933e305a3a39e46bea40f3ff950f5
2f1a6ba3a642e4a67afc21c10eed6dad6970e068b7f55070503ee561456615e1
336c02ea40d77969b4feaa5cb5f3300fe65e7751a3ea8ef986ae8a21a9e976b2
3394f9685ed61b92fc5fec7fe45f98d6c9310450fc2de6ae6696c7e6bb609243
344ac8dd67fccdbb055b05cdd7a105e33787edfaf7fff614817f69ff99ab9474
36b243216fd1584d1e478a3bfdfa73bbbd23974e69daae2af6914f4d7336d40b
379bf9de3c8c291c08a96b1489d7eaad78c77e5bf0a322a7b6a0736f123589be
3c2e77bcc0f73e6b70dd09b4c2d383c6a85a8f2e29ecd6bc987cd8717d76d950
3dc07588699fb0adc2702b0e8734bfabdbe45c1838e4fb2884511264bb9ef0a0
3fe02b8e7f073a302175485480af6cab3d91c289f87275c013517e5bf2a0f256
428c181d8f812d33bb9a7b145ef1a324b5751183e0d06feac8abf9cb4aee28ae
451407bd5be95c5fa54b56c4f790ee03d9d7519f673b53a7124a8cd20810d556
459ffa398cdc28cafd4e8174affa96c36b4808061cf009106c15ae039f8b87ba
4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf
4706fafdf707a64e8443b9701e20cfcb6b24700709ab327c78119c50f73b0ffb
47e6e53d106e021829a1309561503b95b561de091f79b6a3169e411e5c4e0a22
49a44824c3371216dcba3e1089ed5cda6fce27c200e23ea43c840b85b7837eaf
4a60ba861a47e942b7aaa7b256331658bc93e4b371246e866fda52f53fb78f61
4c3bffde2342661ce60686373100daa0e1a0d4c0cc87f0dbb719216e5084324d
4c427f7d925e4ac0c8024e2b6efdf4286f808d69bbbaac395d5031e13e71d78b
4d0f14e212cb76b930899947d176e7a18e50915bf8525d7f66984b372a8828f1
4e1d46cfa4bf4f482367f1acb413c25509d6c71611a280608006dfeb4062e804
5407d04d700aa46c34a0b1c62383ab53e6bbc02a0508ab80c2e255cd4fb1dd55
540a649cba95031724d80b114ffef5da41d1eba3e14c51c0aef219930f575a87
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5705d2ad152cbeb61438ffe8c163b5aeb2457a74748a3ce5c6737fb44cc1c294
572e6dde327de782dd98e4dd0196c8a382a43d59aa2e57fe898c0a2330502ed2
584997659bcc6829d490e7d4f8c14955bd0b95ec27f0c2070adf2f3b9e5129d8
59cf6e2f83ceefb87beb2defc2dc658530b453841de003a6906b7451489e614f
5a18deadb3b64ead79852e2348a71f8f7475a73680d7f9117e92e81278809316
5a93875f4dd8d90dae1b92019c2f104f05dc34088f34f058ce2988cf5dcba49b
5ee7708a31192d6f21138646bce0296c20a672bbe707e0be08dda31380662959
5f89be944f553ec426f046567740a65ab28d43f95527c66ce7c2e03043a8b1bc
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61a045b768e9e88af2f73f9ae55b360a4d6cd4f0c340f9ae3848078d9b48c4eb
61c4203c34972e9084420cff0562564eb984697a26a80864da0695d52686cef1
652aa3a15b05e157b7229123aaf8842a34dfac5cc9ae432edfffe3f06336f61d
69ada733de1303defaf9f14aa858c5e2088f7b976af2e62a6f7932af840b28fc
69fcd7e7d3bf4f10edf22405f55b980c6855fd26f8bcb461a8da2116df13b029
6a3df64e73b28d6e855d6465f5326c9fd3f77243cbed9afb41ce21bbf2d2918b
6a654f1999809111866165651e7f33be50a4c1cf88c6aa7bcbe79477cd628b1a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2f7c09a864e6b1deae5d77511cac5bf2b8a9bfe67eba214247b9592412b600
6ccb355d306cb63591096659ac777a81f5d549afa1c464dcf1a5826f3180db49
6d60ff6a5eb3e6c098ec56a8c6b3fa40f4c6b98845b6a7ad1fce32dc09528804
735ab7353db72d77f8bad14687e7fcdf8931079175ffc9c2c82af8cb8bdc6d1a
74d2fd01588987e34ce6b7d981718e3f3094125313997a8e6cf0fa14adc21d65
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
772cb4b4558e1f8f9cbf61622fbb740b96fb839225fd04ee684f6cb4bdd4ccfa
7ae7ab415653bdf80c6980360130705da99ec86a4c8811539a2fff17127bfef8
7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd
80889d90775495c601e55a9f6af138eb706c464bff97b3f05f613e66ea66d419
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81b0151d268ba027095c35119da2d79a24bd738bfa8a37723cd715e5eb66a555
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8696cee86999f6d03320e995abc00d260687ca83684f05c6c212a47456fe629d
870fc8be88c7b729cbf67f1a2f68a51ae2e9fd14464acb34a4504cfa1a480344
875080666046d0d0c4381288fad193533ca5df43832f56dfe2ce8335ed754e51
8ad4a7b77a8ed2067d348581f1b58bb185a2490384bc0cb0b9039a0fa4f407c2
8be0fd61df7a1d0eb1d18bd93c07005ecc812e891ad3829ffa028f67b666a9ff
8ff9a415dbd14965ec75e5113023ad9161b26ac1de694fa303591c141ec8d070
914d25546feffca3d65b518c72d9abe0dd2c3d5ba4228426353a22d7a87a079c
91e2868f405f4fc36169b88a7ba3600f1c8bbf0fd22c769db27cdeb32f2c7e2d
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
935307555b3555e680e9f1a880a5bcb8dc31540ddd3a7bb1bf14dc03abcfaefa
93b34fbebbe31947f123da997cd85255670e3667c0b858ee219b63af5f183cb7
93e55098f3846c590ea30d65c602bfd53f858a9bec79dd73a15816a70ec06c09
9619286ca63437be4366ffcabdda51fc3a25cf724c4e670662d5e2ee888d1468
9687a0a5fcf7cfbbe3ae5987f05b876b3097d223c3754e27c029fbb54e9f55b2
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9ccb61031667dbac3cdba7043e98c6db961e044679dc28b81eb11031dd4ce45f
9ff98897ecc0516a542eb88b9d2c4859cdab14ddd74b11d00f9bde615ccea001
a10fdaff1ce3041990ace1cae5e4a4c9b1f8b749a78963c696c95831e0d15701
a2a76fa1fbfbd032e4387e1cd59cfa2937368b9ad7831afd44a890373aaeae35
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a3ca893f25ef08a8ab26b227e36dcdd608cfe8521b6cb7c824283045e9d9636d
a57ec0e8e0078a084095b4a3564226ac2eae67451f51c1523ee9136ac07a9e43
ae448ed86f855dbee507852d7073abb4c52d985c105fc1b91d5840144812aeb4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0854b1c4dfe8e249d2561fe242f9b2cb82518eaaaa49f26066ab3d37cca3273
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b54b0821a9b263ead03428ba44cd607ef3b57206efc90920a241ef389c80add3
b69c2418674850660f99224ad0ba74637595ff1a7ae6de42c1d99c3ba78585cf
b6dd7d74246f769fa9679b51096041cacb5f6946ad541806d44fc01d61e3efc5
b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3
b8b96b8d7582df81cedf4263b2750d647d9fd197a2f8c6709e12ba92e7e66006
bdc1370bff6faf8ff327841a1c3da8eb6e5e0c9743907031c32c7ce127371f11
bed373320baaf76ddc3e345b527674a8aabb86e72b000c363bbc5fed4d7f82e0
c2206501c5a898123871431da1a1ff12bcaf46194db997e6c9237296d9859daa
c5fe72bda37b4c28c3d9ff4480b8cbb95c7a175da58e93a74f55e85ca6a4b338
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a
c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72
cafd752fedd4e9850fbcf731d6cfa87e06a334c89373f1e923cee75b789dc8db
cedc2dd553b4cb6ddbe1d06b08a45b987926511f545dffb11c25095c42693154
cfceeeb1ead2e66baeac3749e3fdba6126093f5663bf1ddacb60d21248e543b9
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d1005e9ec2f2d69f1a58c50aac371caff3f47220550bd8f66af8ca0cc56f850f
d9f5a7dc9243ef17d86d7723d62e639425b5ab6a04f19376e9f1b2852d170d05
db319c75633168393333febe18a84acc16d2006f66b46dc347f9777eae33d817
e0288edee1b7a3ad96aca4e0456499703708f9f42fe8b9204efab586d6228586
e054c19318777efc07d97b9c5d0a58ab662ab120a9eff036a4019dce6755c4ec
e1dcb8bc6fbcb278517347b26a76ea29596a73256a61b477c9572d585ca516bc
e3072ba86aa8d2fd47234b4be106c992d91bde1ea44930604732d458dea9c149
e3950981f211d59704e4a7b56aeb78193759f8a097e64d19b1e3232c593f3b3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46d1082e6ede3dcf781933f1ec4e3e04a1d1e92577450a40a2e4b65a57c5dff
e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873
e97ced5b90359ab20059ded2fc85e62cc09c86b5ac1baecf3880a53d1e3d3711
ee4e19a70b53bdd4ac4b54205bdf7c617207e41405315aba6a2ecb42ed2e4873
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0340581cb591822ccc755f95c99a17bd274436b3728427d23975e8346067b2c
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f650a88d4150fcff42f320ff7a0896d76967a0d3950658bfd81d07cbad21ad74
f6bbbc58328e644c5eba7be1d2bfecf2ec07d38c33ba1b8cf9e8e8d8ed383e83
f8524cad34102ac8a64cacec2e280843acc63cbf83185e9295d1dc586e759770
f8a1639be638f6819c6bdd6b50c035815ec62d08ebd840336f2557acdd7bdc18
fa1736ac5bc73109f0b8db968d725aadf2e3025841db7d41eb73742bd8acbf5f
fafc139d18c4a7383cc1eb68ffaa3afb1ab3be1138074518efa8a3a4f9226e56
fbbf1ecae7ef2db3b0795eb94bf5ffea69d31d495d615e5c80dda43e670320b2
ff32df9a2827273e5b3932b8ba7994ffef66ec66dee3f40bfef2e0ced1178757