www.ffonts.net Open in urlscan Pro
95.216.234.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ffonts.net/
Effective URL:
https://www.ffonts.net/
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 28 via api (June 28th 2023, 7:50:58 pm UTC) from FI — Scanned from FI

Summary HTTP 50 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 18 domains to perform 50 HTTP transactions. The main IP is 95.216.234.12, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is www.ffonts.net. The Cisco Umbrella rank of the primary domain is 555096.
TLS certificate: Issued by Thawte RSA CA 2018 on June 6th 2022. Valid for: a year.

This is the only time www.ffonts.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	95.216.234.12 95.216.234.12	24940 (HETZNER-AS) (HETZNER-AS)
8	2600:9000:245... 2600:9000:2450:600:1:c815:1b40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	44.216.130.224 44.216.130.224	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
1	23.39.156.193 23.39.156.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	3.228.234.6 3.228.234.6	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.194.43.10 54.194.43.10	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4	54.78.65.206 54.78.65.206	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
50	21

2 95.216.234.12 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.12.234.216.95.clients.your-server.de

ffonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ffonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2450:600:1:c815:1b40:21 (United States)

ASN16509 (AMAZON-02, US)

d144mzi0q5mijx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.216.130.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-130-224.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.39.156.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-156-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.234.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-234-6.compute-1.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.43.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-43-10.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.78.65.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-65-206.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudfront.net d144mzi0q5mijx.cloudfront.net	104 KB
6	powerad.ai powerad.ai — Cisco Umbrella Rank: 20598 reporting.powerad.ai — Cisco Umbrella Rank: 23178	54 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 10272 s.cpx.to — Cisco Umbrella Rank: 7145	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	376 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	6 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
4	gstatic.com fonts.gstatic.com	215 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469	3 KB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670	93 KB
3	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 553 image2.pubmatic.com — Cisco Umbrella Rank: 1036	77 KB
2	brainlyads.com hb.brainlyads.com — Cisco Umbrella Rank: 4000	197 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	166 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	5 KB
2	ffonts.net 1 redirects ffonts.net — Cisco Umbrella Rank: 360776 www.ffonts.net — Cisco Umbrella Rank: 555096	9 KB
1	openx.net u.openx.net — Cisco Umbrella Rank: 769	304 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	389 B
1	ad.gt a.ad.gt — Cisco Umbrella Rank: 3028	4 KB
1	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 17542	3 KB
50	18

	Domain	Requested by
8	d144mzi0q5mijx.cloudfront.net	www.ffonts.net d144mzi0q5mijx.cloudfront.net
5	www.googletagmanager.com	www.ffonts.net www.googletagmanager.com powerad.ai
4	s.cpx.to	p.cpx.to
4	fonts.gstatic.com	fonts.googleapis.com
4	powerad.ai	www.ffonts.net powerad.ai
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	hb.brainlyads.com	powerad.ai www.ffonts.net
2	reporting.powerad.ai	powerad.ai
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pagead2.googlesyndication.com	www.ffonts.net pagead2.googlesyndication.com
2	fonts.googleapis.com	www.ffonts.net
1	u.openx.net
1	match.adsrvr.org	p.cpx.to
1	ib.adnxs.com	p.cpx.to
1	p.cpx.to	powerad.ai
1	a.ad.gt	powerad.ai
1	pixel.zprk.io	powerad.ai
1	stats.g.doubleclick.net	www.google-analytics.com
1	ads.pubmatic.com	www.ffonts.net
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.ffonts.net
1	ffonts.net	1 redirects
50	26

This site contains links to these domains. Also see Links.

Domain
www.whatfontis.com
webfonts.ffonts.net
de.ffonts.net
es.ffonts.net
ro.ffonts.net
fr.ffonts.net
it.ffonts.net
pt.ffonts.net
cn.ffonts.net
ru.ffonts.net
ar.ffonts.net
jp.ffonts.net
in.ffonts.net
kreativfont.com
www.fontocean.com
www.fontfreak.com
www.free-fonts.com
www.fontriver.com

Subject Issuer	Validity	Valid
*.ffonts.net Thawte RSA CA 2018	`2022-06-06` - `2023-07-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
powerad.ai Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2022-11-23` - `2023-12-25`	a year	crt.sh
*.zprk.io Amazon RSA 2048 M02	`2023-02-22` - `2023-11-17`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-13` - `2024-01-12`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.ffonts.net/
Frame ID: 12CEEA676E1EA1E027B6E615C64C06CE
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
Frame ID: 4714C142F5CDCB273CA57634B8920A66
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 428A013D2C2B93CC80C15C91BB0014B8
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 3C2BEC4FAC619CCBB4B4134ABB5BC468
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

100,000+ Free Fonts | Download Now - FFonts

Page URL History Show full URLs

http://ffonts.net/ HTTP 301
https://www.ffonts.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

50
Requests

94 %
HTTPS

42 %
IPv6

18
Domains

26
Subdomains

21
IPs

6
Countries

1334 kB
Transfer

3928 kB
Size

23
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.whatfontis.com/
Title: What Font Is

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/TIKTAK.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/Fira-Code-Regular1.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/Fira-Code-Light1.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/Fira-Code-Medium1.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/Fira-Code-Retina1.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/Fira-Code-Bold1.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/Eceng.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/Prince-Baby1.font
Title: @WebFont

Search URL Search Domain Scan URL

URL: https://de.ffonts.net/
Title: DEDeutch

Search URL Search Domain Scan URL

URL: https://es.ffonts.net/
Title: ESEspanol

Search URL Search Domain Scan URL

URL: https://ro.ffonts.net/
Title: RORomana

Search URL Search Domain Scan URL

URL: https://fr.ffonts.net/
Title: FRFrancais

Search URL Search Domain Scan URL

URL: https://it.ffonts.net/
Title: ITItaliano

Search URL Search Domain Scan URL

URL: https://pt.ffonts.net/
Title: PRPortuguese

Search URL Search Domain Scan URL

URL: https://cn.ffonts.net/
Title: CHChinese

Search URL Search Domain Scan URL

URL: https://ru.ffonts.net/
Title: RURussian

Search URL Search Domain Scan URL

URL: https://ar.ffonts.net/
Title: ARArabic

Search URL Search Domain Scan URL

URL: https://jp.ffonts.net/
Title: JPJapanese

Search URL Search Domain Scan URL

URL: https://in.ffonts.net/
Title: INIndian

Search URL Search Domain Scan URL

URL: https://webfonts.ffonts.net/
Title: Web Fonts

Search URL Search Domain Scan URL

URL: http://www.whatfontis.com/
Title: Font Finder

Search URL Search Domain Scan URL

URL: https://kreativfont.com/
Title: Kreativ Font

Search URL Search Domain Scan URL

URL: http://www.fontocean.com/
Title: Font Ocean

Search URL Search Domain Scan URL

URL: http://www.fontfreak.com/
Title: Fonts

Search URL Search Domain Scan URL

URL: http://www.free-fonts.com/
Title: Free Fonts

Search URL Search Domain Scan URL

URL: http://www.fontriver.com/
Title: Font River

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ffonts.net/ HTTP 301
https://www.ffonts.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&google_tc= HTTP 302
https://s.cpx.to/sync?dsp_uid=CAESEFYi8x_jf4qNh0hBDxw13BA&dsp=dbm&google_cver=1

Request Chain 46

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12967%26url%3Dhttps%253A%252F%252Fwww.ffonts.net%252F%26hn_ver%3D57%26fid%3D06c2526f-906c-4a39-9a00-d12b7da0d944 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Ffire.js%253Fdsp%253Dapp_nexus%2526dsp_uid%253D%2524UID%2526pid%253D12967%2526url%253Dhttps%25253A%25252F%25252Fwww.ffonts.net%25252F%2526hn_ver%253D57%2526fid%253D06c2526f-906c-4a39-9a00-d12b7da0d944 HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3562135328259682144&pid=12967&url=https%3A%2F%2Fwww.ffonts.net%2F&hn_ver=57&fid=06c2526f-906c-4a39-9a00-d12b7da0d944

Request Chain 47

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CDFB5ED1-2421-4832-961E-24B45F14FED7

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ffonts.net/
Redirect Chain

http://ffonts.net/
https://www.ffonts.net/

62 KB
8 KB

323ms
103ms

Document
text/html

95.216.234.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ffonts.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.234.12 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.12.234.216.95.clients.your-server.de

Software

Resource Hash

79e1a88ee2acfe0243b91669a07ca0ccc8811249b3829fbccaeea9f37621f51b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-length: 8091
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 19:50:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: max-age=31104000 private
content-length: 231
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Jun 2023 19:50:51 GMT
expires: Sat, 22 Jun 2024 19:50:51 GMT
location: https://www.ffonts.net/

GET
H2 200 all.css
d144mzi0q5mijx.cloudfront.net/test/css/ 246 KB
38 KB 393ms
208ms Stylesheet
text/css 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d144mzi0q5mijx.cloudfront.net/test/css/all.css

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0929ca1b40b95c50c0476bbbe79666bfced5eea2cf6a488d0e6a17223fc69798

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:51 GMT
content-encoding: gzip
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 09:35:06 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache: Miss from cloudfront
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 38942
x-amz-cf-id: qjAwUSOxYOr7hDJa6T7MzzSAqJme_rKYTgq3mercQda_IwG-jg6wEg==
expires: Sat, 22 Jun 2024 19:50:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 247ms
86ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 19:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 19:08:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jun 2023 19:50:51 GMT

GET
H2 200 script.js Show response
powerad.ai/131462114555375/ 209 KB
46 KB 465ms
151ms Script
application/javascript 44.216.130.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/131462114555375/script.js
Requested by: Host: www.ffonts.net
URL: https://www.ffonts.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.130.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-130-224.compute-1.amazonaws.com
Software: / Express
Resource Hash: dc3854fe5e56168ff7ae2fe961d0dcd7929c9deb2460f56bed1767bbdb9d162e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: gzip
last-modified: Mon, 26 Jun 2023 18:32:34 GMT
x-powered-by: Express
etag: W/"3423b-188f8fa9df5"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 294ms
125ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7766349947687093

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d4991d68fc3e88f8ebea1f49bdae84780dac70194776b6fa02216e602ffc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ffonts.net/
Origin: https://www.ffonts.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48392
x-xss-protection: 0
server: cafe
etag: 824607634253360192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 19:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 384ms
198ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-38VQLT3JPX

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7772a6fd19ec4da47afcc09c8a9e1594a267b58d93a0085fc3e5cb84649f362a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 19:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 274ms
89ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9036721-1

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1967e70c2d106a3d2265d54aeb56523e60be185de3470f048c7dd1cb6337a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47930
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 18:27:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Jun 2023 19:50:52 GMT

GET
H2 200 spacer.gif
d144mzi0q5mijx.cloudfront.net/images/ 43 B
407 B 118ms
117ms Image
image/gif 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d144mzi0q5mijx.cloudfront.net/images/spacer.gif

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Tue, 24 Aug 2004 08:09:54 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 43
x-amz-cf-id: yEYFcl33UFM4YHIL_MEj8jDGR2h4wW9hLJbDxrBiRWx-HQzOzC_eGw==
expires: Sat, 22 Jun 2024 19:50:52 GMT

GET
H2 200 all.2.js Show response
d144mzi0q5mijx.cloudfront.net/test/js/ 150 KB
45 KB 206ms
206ms Script
application/javascript 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d144mzi0q5mijx.cloudfront.net/test/js/all.2.js

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b970b6deca6abfdf4dc6455df1329c7e9086e454f5ec3c99b40910bec7b6108c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:51 GMT
content-encoding: gzip
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jan 2021 18:15:33 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-cache: Miss from cloudfront
cache-control: max-age=31536000, private
accept-ranges: bytes
content-length: 45412
x-amz-cf-id: zd3fqNnl8UpFSdGtytd9s__HFA3fpDwlml_MP9fiLnmIDHm7hcuYWA==
expires: Thu, 27 Jun 2024 19:50:51 GMT

GET
H2 200 logo-ffonts.png
d144mzi0q5mijx.cloudfront.net/test/images/ 2 KB
2 KB 119ms
117ms Image
image/png 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d144mzi0q5mijx.cloudfront.net/test/images/logo-ffonts.png

Requested by

Host: d144mzi0q5mijx.cloudfront.net
URL: https://d144mzi0q5mijx.cloudfront.net/test/css/all.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0b9aee99a671a8bde72ca256d20838fad407f01a4a355e8eb6e217822f0c83af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://d144mzi0q5mijx.cloudfront.net/test/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Thu, 10 Dec 2020 20:43:00 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 1749
x-amz-cf-id: RFWrJd0nMW8wCk5ZLuZQh0T6SnuQXm0eHNMgjw_F35pDWjtEjdEoEA==
expires: Sat, 22 Jun 2024 19:50:52 GMT

GET
H2 200 ui.svg
d144mzi0q5mijx.cloudfront.net/i/ 21 KB
7 KB 203ms
202ms Image
image/svg+xml 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d144mzi0q5mijx.cloudfront.net/i/ui.svg

Requested by

Host: d144mzi0q5mijx.cloudfront.net
URL: https://d144mzi0q5mijx.cloudfront.net/test/css/all.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f6bbbc58328e644c5eba7be1d2bfecf2ec07d38c33ba1b8cf9e8e8d8ed383e83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://d144mzi0q5mijx.cloudfront.net/test/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: gzip
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2017 21:12:07 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
x-cache: Miss from cloudfront
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 6968
x-amz-cf-id: 9ow5c6NPAs_B6Hd5-aPFm3Pb48r1e7wdTH9GddjNifRfXIN9EdTnuA==
expires: Sat, 22 Jun 2024 19:50:52 GMT

GET
H2 200 flags_2x.png
d144mzi0q5mijx.cloudfront.net/i/ 4 KB
4 KB 201ms
200ms Image
image/png 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d144mzi0q5mijx.cloudfront.net/i/flags_2x.png

Requested by

Host: d144mzi0q5mijx.cloudfront.net
URL: https://d144mzi0q5mijx.cloudfront.net/test/css/all.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

69ada733de1303defaf9f14aa858c5e2088f7b976af2e62a6f7932af840b28fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://d144mzi0q5mijx.cloudfront.net/test/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2017 21:23:34 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 3593
x-amz-cf-id: KI5Cal1vINW2CwZV-_B5-XIQ-WcxQfde_s5ay7xB76GdS-RZpTQOyA==
expires: Sat, 22 Jun 2024 19:50:52 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
19 KB 236ms
76ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ffonts.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 02:30:05 GMT
x-content-type-options: nosniff
age: 408047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 02:30:05 GMT

GET
H2 200 Space-Grotesk-Medium1.png
d144mzi0q5mijx.cloudfront.net/img/S/P/ 3 KB
4 KB 119ms
118ms Image
image/png 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d144mzi0q5mijx.cloudfront.net/img/S/P/Space-Grotesk-Medium1.png

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0c1e5324f5ee50d959ee5ca2022723636e4f300d010320ebd5fd15cc7cd91297

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 19:18:47 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 3563
x-amz-cf-id: 67yyVHjv3YTkDg6C7O5_TzN-6i-wt3LAC8lHIP-iZifHnAEyELb1sw==
expires: Sat, 22 Jun 2024 19:50:52 GMT

GET
H2 200 Space-Grotesk-Light1.png
d144mzi0q5mijx.cloudfront.net/img/S/P/ 3 KB
4 KB 120ms
120ms Image
image/png 2600:9000:2450:600:1:c815:1b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d144mzi0q5mijx.cloudfront.net/img/S/P/Space-Grotesk-Light1.png

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2450:600:1:c815:1b40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec8fc17e6ec5b9b221957299d5be59de84313de6a17de0a8f2059b95afd56faa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
via: 1.1 eba0baba7ee3cc49ae1ec4ad205f2ccc.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 19:18:34 GMT
x-amz-cf-pop: CDG50-P4
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31104000, private
accept-ranges: bytes
content-length: 3550
x-amz-cf-id: 2RA4bOpEc_68rpzP3rjhMpoe8QLjT23hvgfn4FTsRAgBJwF9RzvJxA==
expires: Sat, 22 Jun 2024 19:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 101ms
101ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-38VQLT3JPX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9036721-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

874a1aa183839442e0684c8060a78a06aabb676cda7ef28a8fdf5fa8e02f95bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 19:50:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 241ms
75ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9036721-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 18:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4530
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 28 Jun 2023 20:35:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/ 345 KB
119 KB 313ms
154ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7766349947687093&plah=www.ffonts.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7766349947687093

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9513a07bf851ebb965f6a7539d6a9dce13b3c74d87d141a95a94585c3a15696c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121368
x-xss-protection: 0
server: cafe
etag: 5740735278510572053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Jun 2023 19:50:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/ Frame 4714 10 KB
5 KB 241ms
75ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7766349947687093

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ffonts.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 38434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 09:10:18 GMT
etag: 15057649708203361565
expires: Wed, 12 Jul 2023 09:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 168ms
58ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-38VQLT3JPX&gtm=45je36q0&_p=1784423421&cid=946038735.1687981852&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687981852&sct=1&seg=0&dl=https%3A%2F%2Fwww.ffonts.net%2F&dt=100%2C000%2B%20Free%20Fonts%20%7C%20Download%20Now%20-%20FFonts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38VQLT3JPX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffonts.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 449ms
144ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.ffonts.net/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
223 B 437ms
146ms Fetch
text/plain 44.216.130.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.130.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-130-224.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
222 B 437ms
146ms Fetch
text/plain 44.216.130.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.130.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-130-224.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 428A 250 KB
76 KB 272ms
89ms Script
application/javascript 23.39.156.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.ffonts.net
URL: https://www.ffonts.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.156.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-156-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:26:15 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=22449
accept-ranges: bytes
content-length: 77836
expires: Thu, 29 Jun 2023 02:05:01 GMT

GET
H2 200 pbjs_wrapper.v2.0.js Show response
hb.brainlyads.com/ Frame 3C2B 48 KB
15 KB 483ms
181ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

da0f67863bd16b88ba6694e69096ffabab1ad53f32142d17ebede82cf753461b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Tue, 06 Jun 2023 13:27:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"647f3438-c07f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Wed, 05 Jul 2023 19:50:52 GMT

GET
H2 200 / Show response
powerad.ai/pubPls/ 57 KB
7 KB 185ms
184ms XHR
text/html 44.216.130.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.ffonts.net%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.130.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-130-224.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5b824ef8cb422d3bec88d594830b4f9b2b6962005f57132bdba85eb57fedec2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"e372-E6GJzCoOOkfL9Gwq7iNKMUf8UKM"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ffonts.net
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 83ms
82ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1784423421&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ffonts.net%2F&ul=en-us&de=UTF-8&dt=100%2C000%2B%20Free%20Fonts%20%7C%20Download%20Now%20-%20FFonts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=144337022&gjid=185374345&cid=946038735.1687981852&tid=UA-9036721-1&_gid=1237840441.1687981853&_r=1&gtm=457e36q0&jsscut=1&z=616265349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffonts.net/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:50:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffonts.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 428A 552 KB
182 KB 536ms
327ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.ffonts.net
URL: https://www.ffonts.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4e44b4977154a5be3d5b02d4e767e202c332f9f40fb61b7c80795304af72a970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 11:06:55 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"649c144f-89ed4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Wed, 05 Jul 2023 19:50:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 231ms
77ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9036721-1&cid=946038735.1687981852&jid=144337022&gjid=185374345&_gid=1237840441.1687981853&_u=YADAAUAAAAAAACAAI~&z=1951646959

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ffonts.net/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Jun 2023 19:50:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffonts.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 458ms
145ms Script
text/plain 3.228.234.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.234.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-234-6.compute-1.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:53 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 118ms
118ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X9JX2ZYPJM

Requested by

Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc5ca05d65ad3ef42de65784a9517dc012d975330b2b0d93bfb36c4f25167f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 19:50:52 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 87ms
87ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X9JX2ZYPJM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9036721-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

015857d43aca8d2408f3e656e14241eb09d76514a78e09c2b240de50764a7986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Jun 2023 19:50:52 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 391ms
257ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.ffonts.net%2F&ref=
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94e197c44524410dd77d80a666a422599047a66f344dca59ea8d58ed1a23baf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:53 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 28 Jun 2023 19:50:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7de87614df7db4ee-OSL

GET
H2 200 px.js Show response
p.cpx.to/p/12967/ 4 KB
2 KB 303ms
92ms Script
application/javascript 54.194.43.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12967/px.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.43.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-43-10.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 02cf6d6537b0e3b81a8736dc90892dc30eb491edec79d14054f8104770535699

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:53 GMT
content-encoding: gzip
cache-control: max-age=2419200, public
content-type: application/javascript; charset=UTF-8

GET
H2 200 ca-pub-7766349947687093 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 307ms
111ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7766349947687093?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7766349947687093&plah=www.ffonts.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11aad002e26ca78f2905d421db6c39944edeb856461a07edf0763d801d8353d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Sa9ndyD-6vxX5OLTGDTRTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-Sa9ndyD-6vxX5OLTGDTRTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 59ms
58ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X9JX2ZYPJM&gtm=45je36q0&_p=1784423421&cid=946038735.1687981852&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687981853&sct=1&seg=0&dl=https%3A%2F%2Fwww.ffonts.net%2F&dt=100%2C000%2B%20Free%20Fonts%20%7C%20Download%20Now%20-%20FFonts&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X9JX2ZYPJM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:50:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ffonts.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
816 B 243ms
76ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 19:50:53 GMT
AN-X-Request-Uuid: e23fd2a3-bc66-4e25-b980-75577acbb7c4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.ffonts.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.138.7.244; 193.138.7.244; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 283ms
92ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: cd7a41b63894b1a2f65b50505c2ae356b9c043c66199235f5a6b7dc0e9db5ef7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:53 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ffonts.net
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 28 Jul 2023 19:50:53 GMT

GET
H2 200 AGSKWxX5Ur2sAHZE4eOkn1NK_qT4z8PhJmmr1DHUF4D7EkwL4pw4lhvhR1rxraEu0zbgQcPUJM3FFyu1CKY_xyKw58c= Show response
fundingchoicesmessages.google.com/f/ 279 KB
45 KB 176ms
175ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX5Ur2sAHZE4eOkn1NK_qT4z8PhJmmr1DHUF4D7EkwL4pw4lhvhR1rxraEu0zbgQcPUJM3FFyu1CKY_xyKw58c=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3OTgxODUzLDM3MDAwMDAwMF0sIjYwOTYzM0YxLTk1MkItNDc3MC1COTBBLTU0RUNBQTA2NDZFRSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmZmb250cy5uZXQvIixudWxsLFtbOCwiQUxId2wtTGl0bEkiXSxbOSwiZmkiXSxbMTgsIltbWzFdXV0iXSxbMTksIjEiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.ALHwl-LitlI.es5.O/d=1/rs=AJlcJMz_yIrspKyS0PwOiy33G4r543wfUw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6d96f18d3e258035735d6a8fb3f2dd5af273e88c1520420660a509064888db80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yOac09RFfTVf1NBcsIiuZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 19:50:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-yOac09RFfTVf1NBcsIiuZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 52 B
455 B 363ms
88ms XHR
text/plain 54.78.65.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12967&url=https%3A%2F%2Fwww.ffonts.net%2F&hn_ver=57&fid=06c2526f-906c-4a39-9a00-d12b7da0d944
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.65.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-65-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 44186b3e1d7fc7e4c38cccb003bc13e1757665660406b166a6b64771df8874ca

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 19:50:53 GMT
vary: Origin
p3p: CP="NOI DEV ADM"
access-control-allow-origin: https://www.ffonts.net
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 52
expires: Wed, 28 Jun 2023 19:50:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 63 KB
4 KB 91ms
91ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.ALHwl-LitlI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz_yIrspKyS0PwOiy33G4r543wfUw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ee0a80a3b153889236cb575dd99faeac9974cecfe50462193c6c4a0844a4b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 19:50:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 19:50:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Jun 2023 19:50:53 GMT

POST
H3 204 AGSKWxVT1g0OjUxXMgUBdusHYffrLV3VydtnIrIdTEMmyKAueXPX50k4Cvg6KakMTEtp_64j3TYUK5D8uaUfEf-_PbO_0dHsLEMs8iBfRCk0tYStE3n5W5o2QNpAz18DmYRxjOd4ql_KPg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 242ms
90ms XHR
text/html 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVT1g0OjUxXMgUBdusHYffrLV3VydtnIrIdTEMmyKAueXPX50k4Cvg6KakMTEtp_64j3TYUK5D8uaUfEf-_PbO_0dHsLEMs8iBfRCk0tYStE3n5W5o2QNpAz18DmYRxjOd4ql_KPg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AkQd8sm3f_hpwExYsjF-pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ffonts.net/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 28 Jun 2023 19:50:53 GMT
content-security-policy: script-src 'report-sample' 'nonce-AkQd8sm3f_hpwExYsjF-pA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ffonts.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 78ms
78ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ffonts.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 05:24:38 GMT
x-content-type-options: nosniff
age: 51975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 05:24:38 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 249ms
249ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ffonts.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 415749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 00:21:44 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 275ms
275ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ffonts.net
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 360548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 15:41:45 GMT

GET
H/1.1

204
No Content

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&google_tc=
https://s.cpx.to/sync?dsp_uid=CAESEFYi8x_jf4qNh0hBDxw13BA&dsp=dbm&google_cver=1

0
443 B

180ms
88ms

Image
text/plain

54.78.65.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESEFYi8x_jf4qNh0hBDxw13BA&dsp=dbm&google_cver=1
Protocol: HTTP/1.1
Server: 54.78.65.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-65-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Wed, 28 Jun 2023 19:50:54 GMT
Connection: keep-alive
expires: Wed, 28 Jun 2023 19:50:54 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:50:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESEFYi8x_jf4qNh0hBDxw13BA&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
u.openx.net/w/1.0/ 43 B
304 B 301ms
179ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 19:50:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12967%26url%3Dhttps%253A%252F%252Fwww.ffonts.net%252F%26hn_ver%3D57%26fid%3D06c2526f-90...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Ffire.js%253Fdsp%253Dapp_nexus%2526dsp_uid%253D%2524UID%2526pid%253D12967%2526url%253Dhttps%25253A%25252F%25252Fwww.ffont...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3562135328259682144&pid=12967&url=https%3A%2F%2Fwww.ffonts.net%2F&hn_ver=57&fid=06c2526f-906c-4a39-9a00-d12b7da0d944

42 B
42 B

88ms
87ms

Image
text/plain

54.78.65.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3562135328259682144&pid=12967&url=https%3A%2F%2Fwww.ffonts.net%2F&hn_ver=57&fid=06c2526f-906c-4a39-9a00-d12b7da0d944
Protocol: HTTP/1.1
Server: 54.78.65.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-65-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 19:50:54 GMT
Date: Wed, 28 Jun 2023 19:50:54 GMT
Connection: keep-alive
Content-Length: 42
p3p: CP="NOI DEV ADM"

Redirect headers

Date: Wed, 28 Jun 2023 19:50:53 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.138.7.244; 193.138.7.244; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9d54b8f8-7903-4b50-a7b5-3d7dc65509ef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=3562135328259682144&pid=12967&url=https%3A%2F%2Fwww.ffonts.net%2F&hn_ver=57&fid=06c2526f-906c-4a39-9a00-d12b7da0d944
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CDFB5ED1-2421-4832-961E-24B45F14FED7

0
457 B

127ms
88ms

Image
text/plain

54.78.65.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CDFB5ED1-2421-4832-961E-24B45F14FED7
Protocol: HTTP/1.1
Server: 54.78.65.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-65-206.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.ffonts.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
Date: Wed, 28 Jun 2023 19:50:54 GMT
Connection: keep-alive
expires: Wed, 28 Jun 2023 19:50:54 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CDFB5ED1-2421-4832-961E-24B45F14FED7
date: Wed, 28 Jun 2023 19:50:53 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 434ms
145ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/131462114555375/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.ffonts.net/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 28 Jun 2023 19:50:54 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ffonts.net/	1969-12-31 23:59:59	Name: SESSIONID Value: ff1
www.ffonts.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: pg2ea5djkkvf2sgs9iretkm415
.ffonts.net/	1970-01-20 21:38:37	Name: tvff Value: 1
www.ffonts.net/	1969-12-31 23:59:59	Name: SESSIONID Value: ff2
.ffonts.net/	1970-01-20 22:29:01	Name: _ga_38VQLT3JPX Value: GS1.1.1687981852.1.0.1687981852.0.0.0
.ffonts.net/	1970-01-20 12:54:28	Name: _gid Value: GA1.2.1237840441.1687981853
.ffonts.net/	1970-01-20 12:53:01	Name: _gat_gtag_UA_9036721_1 Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12331dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12593dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12594dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12595dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 12940dcr-g Value: 1
powerad.ai/	1969-12-31 23:59:59	Name: 13127dcr-g Value: 1
.ffonts.net/	1970-01-20 22:29:01	Name: _ga_X9JX2ZYPJM Value: GS1.1.1687981853.1.0.1687981853.0.0.0
.ffonts.net/	1970-01-20 22:29:01	Name: _ga Value: GA1.1.946038735.1687981852
.cpx.to/	1970-01-20 21:38:37	Name: cpSess Value: 3dd6915a9b451c37
.adnxs.com/	1970-01-20 15:02:37	Name: uuid2 Value: 3562135328259682144
.pubmatic.com/	1970-01-20 15:02:37	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 21:38:37	Name: KADUSERCOOKIE Value: CDFB5ED1-2421-4832-961E-24B45F14FED7
.doubleclick.net/	1970-01-20 22:29:01	Name: IDE Value: AHWqTUk-5vTLg-T-Msbh44uM-YKuaoeLuMQcIzm1G8kj5E4QBmy_XuO6FL_snlZ8A6w
.cpx.to/	1970-01-20 21:38:37	Name: dsp_app_nexus Value: 3562135328259682144#1687981854067
.cpx.to/	1970-01-20 21:38:37	Name: dsp_pubmatic Value: CDFB5ED1-2421-4832-961E-24B45F14FED7#1687981854156
.cpx.to/	1970-01-20 21:38:37	Name: dsp_dbm Value: CAESEFYi8x_jf4qNh0hBDxw13BA#1687981854246

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ads.pubmatic.com
cm.g.doubleclick.net
d144mzi0q5mijx.cloudfront.net
ffonts.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hb.brainlyads.com
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
p.cpx.to
pagead2.googlesyndication.com
pixel.zprk.io
powerad.ai
region1.google-analytics.com
reporting.powerad.ai
s.cpx.to
secure.adnxs.com
stats.g.doubleclick.net
u.openx.net
www.ffonts.net
www.google-analytics.com
www.googletagmanager.com
172.217.16.194
185.64.190.80
185.89.210.141
185.89.210.212
2001:4860:4802:32::36
23.20.158.212
23.39.156.193
2600:9000:2450:600:1:c815:1b40:21
2606:4700:10::ac43:17ea
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9b
3.228.234.6
3.33.220.150
34.98.64.218
44.216.130.224
54.194.43.10
54.234.151.247
54.78.65.206
95.216.234.12
015857d43aca8d2408f3e656e14241eb09d76514a78e09c2b240de50764a7986
02cf6d6537b0e3b81a8736dc90892dc30eb491edec79d14054f8104770535699
0929ca1b40b95c50c0476bbbe79666bfced5eea2cf6a488d0e6a17223fc69798
0b9aee99a671a8bde72ca256d20838fad407f01a4a355e8eb6e217822f0c83af
0c1e5324f5ee50d959ee5ca2022723636e4f300d010320ebd5fd15cc7cd91297
0ee0a80a3b153889236cb575dd99faeac9974cecfe50462193c6c4a0844a4b40
11aad002e26ca78f2905d421db6c39944edeb856461a07edf0763d801d8353d2
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
41d4991d68fc3e88f8ebea1f49bdae84780dac70194776b6fa02216e602ffc63
44186b3e1d7fc7e4c38cccb003bc13e1757665660406b166a6b64771df8874ca
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e44b4977154a5be3d5b02d4e767e202c332f9f40fb61b7c80795304af72a970
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b824ef8cb422d3bec88d594830b4f9b2b6962005f57132bdba85eb57fedec2e
69ada733de1303defaf9f14aa858c5e2088f7b976af2e62a6f7932af840b28fc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d96f18d3e258035735d6a8fb3f2dd5af273e88c1520420660a509064888db80
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0
7772a6fd19ec4da47afcc09c8a9e1594a267b58d93a0085fc3e5cb84649f362a
79e1a88ee2acfe0243b91669a07ca0ccc8811249b3829fbccaeea9f37621f51b
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
874a1aa183839442e0684c8060a78a06aabb676cda7ef28a8fdf5fa8e02f95bf
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
9513a07bf851ebb965f6a7539d6a9dce13b3c74d87d141a95a94585c3a15696c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b970b6deca6abfdf4dc6455df1329c7e9086e454f5ec3c99b40910bec7b6108c
c1967e70c2d106a3d2265d54aeb56523e60be185de3470f048c7dd1cb6337a38
c94e197c44524410dd77d80a666a422599047a66f344dca59ea8d58ed1a23baf
cc5ca05d65ad3ef42de65784a9517dc012d975330b2b0d93bfb36c4f25167f86
cd7a41b63894b1a2f65b50505c2ae356b9c043c66199235f5a6b7dc0e9db5ef7
da0f67863bd16b88ba6694e69096ffabab1ad53f32142d17ebede82cf753461b
dc3854fe5e56168ff7ae2fe961d0dcd7929c9deb2460f56bed1767bbdb9d162e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec8fc17e6ec5b9b221957299d5be59de84313de6a17de0a8f2059b95afd56faa
f6bbbc58328e644c5eba7be1d2bfecf2ec07d38c33ba1b8cf9e8e8d8ed383e83

www.ffonts.net Open in urlscan Pro 95.216.234.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

94 %HTTPS

42 %IPv6

18 Domains

26 Subdomains

21 IPs

6 Countries

1334 kBTransfer

3928 kBSize

23 Cookies

27 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ffonts.net Open in urlscan Pro
95.216.234.12 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

94 %
HTTPS

42 %
IPv6

18
Domains

26
Subdomains

21
IPs

6
Countries

1334 kB
Transfer

3928 kB
Size

23
Cookies

50 HTTP transactions
0 data transactions