greatfon.com Open in urlscan Pro
2606:4700:3032::ac43:df37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://greatfono.com/
Effective URL:
https://greatfon.com/
Submission: On August 12 via manual (August 12th 2022, 3:11:39 pm UTC) from DE — Scanned from DE

Summary HTTP 119 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 19 domains to perform 119 HTTP transactions. The main IP is 2606:4700:3032::ac43:df37, located in United States and belongs to CLOUDFLARENET, US. The main domain is greatfon.com. The Cisco Umbrella rank of the primary domain is 363963.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 19th 2022. Valid for: a year.

This is the only time greatfon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:805d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 38	2606:4700:303... 2606:4700:3032::ac43:df37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
8	23.47.212.127 23.47.212.127	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
119	19

1 2606:4700:3033::ac43:805d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

greatfono.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:3032::ac43:df37 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

greatfon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.greatfon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.greatfon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2.greatfon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.47.212.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-127.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	406 KB
38	greatfon.com 1 redirects greatfon.com — Cisco Umbrella Rank: 363963 cdn3.greatfon.com cdn1.greatfon.com cdn2.greatfon.com	797 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1505 m.addthis.com — Cisco Umbrella Rank: 1429 api-public.addthis.com — Cisco Umbrella Rank: 4330	217 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10493	3 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	45 KB
5	gstatic.com fonts.gstatic.com	72 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	1 KB
2	pinterest.com widgets.pinterest.com — Cisco Umbrella Rank: 7186	427 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3617	74 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1674	718 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 442	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	40 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	44 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8117	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	645 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2742	344 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	71 KB
1	greatfono.com 1 redirects greatfono.com	515 B
119	19

	Domain	Requested by
36	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
24	cdn3.greatfon.com	greatfon.com
9	pagead2.googlesyndication.com	greatfon.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	greatfon.com	1 redirects greatfon.com
6	mc.yandex.com	2 redirects mc.yandex.ru greatfon.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn1.greatfon.com	greatfon.com
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	greatfon.com s7.addthis.com
2	widgets.pinterest.com	s7.addthis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	mc.yandex.ru	1 redirects greatfon.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	greatfon.com
1	cdn2.greatfon.com	greatfon.com
1	www.googletagmanager.com	greatfon.com
1	greatfono.com	1 redirects
119	26

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://greatfon.com/
Frame ID: A95CA68651642FC59A422C42A4A40D06
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html
Frame ID: CE7D75789ADB6B2A840D7940661C174E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4235477045164216&output=html&adk=1812271804&adf=3025194257&lmt=1660317093&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgreatfon.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660317092952&bpp=23&bdt=141&idt=175&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8039417939945&frm=20&pv=2&ga_vid=1500121317.1660317093&ga_sid=1660317093&ga_hid=372392221&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31064019&oid=2&pvsid=775818229457493&tmod=1868323246&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192
Frame ID: F71561F4C02A58E678E11C0588B41A19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4235477045164216&output=html&h=90&slotname=3850634962&adk=2294932030&adf=3235933448&pi=t.ma~as.3850634962&w=728&lmt=1660317093&psa=0&format=728x90&url=https%3A%2F%2Fgreatfon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660317093000&bpp=8&bdt=188&idt=148&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8039417939945&frm=20&pv=1&ga_vid=1500121317.1660317093&ga_sid=1660317093&ga_hid=372392221&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=421&ady=1070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31064019&oid=2&pvsid=775818229457493&tmod=1868323246&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5PsHPRkp6U&p=https%3A//greatfon.com&dtd=153
Frame ID: 336DF39F83F1488C0909293B1977B628
Requests: 9 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 1D5F48DE6546089E6076357F14515C68
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html
Frame ID: 25601E7E328C664B4F798C974C7928FA
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8A8033F975FAF2A87BB62C1C63D1D80C
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 27385351FA9E6D9B29E33D92FE4A752D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9D0345A31C1788B0134E4656EB926417
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8BE7DA3D2E79C8CF3AEFC84D48C4D513
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 273C1ADD30203F0A694C461EC4FCC78B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Instagram story viewer - Watch profiles, stories, followers, reels, tagged web posts anonymously. Best insta viewer for video and photo from InstagramFacebookTwitterWhatsAppPinterestEmailAddThisFacebookTwitterWhatsAppPinterestEmailAddThis

Page URL History Show full URLs

https://greatfono.com/ HTTP 301
http://greatfon.com/ HTTP 301
https://greatfon.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

119
Requests

97 %
HTTPS

79 %
IPv6

19
Domains

26
Subdomains

19
IPs

5
Countries

1773 kB
Transfer

3662 kB
Size

20
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://greatfono.com/ HTTP 301
http://greatfon.com/ HTTP 301
https://greatfon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9728.nwQM5pykrMrp3c-h1JAF92jdwf2tVVG2WPPPioUMMyNLPb-Z5m4n0VC2RKS6aP3H.cltejQat6q2ina3Bp_SlzHc7vXk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9728.zZ07NirfblS5gV8jzWv3U5s8KaG5RCmVb-2ObZa_D6mnoerecWyRHbmhuXQjVRnYOfiYYmpO5jD5mCEuu6nk4Q%2C%2C.uQOXUAQ3BPuQqv69MHMd4axAeUc%2C

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://mc.yandex.com/watch/71984668?wmode=7&page-url=https%3A%2F%2Fgreatfon.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2qrc%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1536743714089%3Ahid%3A197984236%3Az%3A0%3Ai%3A20220812151133%3Aet%3A1660317094%3Ac%3A1%3Arn%3A57788903%3Arqn%3A1%3Au%3A1660317094606449369%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660317092184%3Ads%3A0%2C60%2C137%2C3%2C420%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aafr%3A2f7e9430_17-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Arqnl%3A1%3Ast%3A1660317094%3At%3AInstagram%20story%20viewer%20-%20Watch%20profiles%2C%20stories%2C%20followers%2C%20reels%2C%20tagged%20web%20posts%20anonymously.%20Best%20insta%20viewer%20for%20video%20and%20photo%20from%20Instagram&t=gdpr(14)clc(0-0-0)mtb(0)aw(1)rqnt(1)cs(kc7abe)efid(1)afr(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/71984668/1?wmode=7&page-url=https%3A%2F%2Fgreatfon.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2qrc%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1536743714089%3Ahid%3A197984236%3Az%3A0%3Ai%3A20220812151133%3Aet%3A1660317094%3Ac%3A1%3Arn%3A57788903%3Arqn%3A1%3Au%3A1660317094606449369%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660317092184%3Ads%3A0%2C60%2C137%2C3%2C420%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aafr%3A2f7e9430_17-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Arqnl%3A1%3Ast%3A1660317094%3At%3AInstagram%20story%20viewer%20-%20Watch%20profiles%2C%20stories%2C%20followers%2C%20reels%2C%20tagged%20web%20posts%20anonymously.%20Best%20insta%20viewer%20for%20video%20and%20photo%20from%20Instagram&t=gdpr%2814%29clc%280-0-0%29mtb%280%29aw%281%29rqnt%281%29cs%28kc7abe%29efid%281%29afr%281%29rqnl%281%29ti%282%29

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
greatfon.com/
Redirect Chain

https://greatfono.com/
http://greatfon.com/
https://greatfon.com/

37 KB
10 KB

198ms
137ms

Document
text/html

2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0421ff8044885d5d76a267dbf36d6644ccc678e0407d3c76b7ac51760d50b55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 739a24e54d953760-MXP
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Fri, 12 Aug 2022 15:11:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGfy4iHLo2nQjmw6ceeufZtM8vHBbKV7CHhDwhMyK4zcuJZmGQExOgXT%2BG1nruJNHw2GtTAlpe1h8QgJ%2BX0f3X%2BxJ4cKy43JaD6XCYESmTalMy%2FyBW1k1PKPBCg6LgKj53J1AydrSPyie9s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: FwqhmV7N7lWTJagKu5YB
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 739a24e4ab8f374b-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 12 Aug 2022 15:11:32 GMT
Expires: Fri, 12 Aug 2022 16:11:32 GMT
Location: https://greatfon.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W251YE4Xk1epc3eNaUbdz44Fh6VDRTGEA6spPquUpdUzYEqLs46ojibPSLIUtlYAvWpE35XWAouRRTfgkChrzieXnjKUcbk0OOUpSyVRG1HHMAkXwIK%2ByJl55gHsUw69fL78Rr4M66vluJ8%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 inst1.app-26ebb571748ec0315b1406b00ef49b43.css
greatfon.com/css/ 179 KB
34 KB 44ms
40ms Stylesheet
text/css 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
Requested by: Host: greatfon.com
URL: https://greatfon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28d6cdb39560d8b1c59405d7f04eb09ea39d84f47b07d3fb4deaae56eefbc18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Jun 2022 10:54:54 GMT
server: cloudflare
age: 3730598
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZeWOW13dvkOrJL1JePpSJGjOqflaAHRZIFieLrCojERDkYMJeEkWcs%2FUOB7EZSUcdREP0lKtFa5Lbq%2B2PvS8zh5CCcKY%2FAxtUacslbspvpL4nmc3c1W92yUMQZ1oVr1%2F4QIuai%2FAvCzkUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 739a24e64f163760-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
56 KB 92ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4235477045164216

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea6798303e2e402fefdfd1813956fa66535060c03ad901417ae505dd5c9b5a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greatfon.com/
Origin: https://greatfon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57245
x-xss-protection: 0
server: cafe
etag: 4389102696649359491
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 15:11:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 72ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T410N8PBE5

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a82c8f8c9ee902131a71c2c211358fecd60e972cb0db459d07dab8a98a6d07fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72363
x-xss-protection: 0
expires: Fri, 12 Aug 2022 15:11:33 GMT

GET
H2 200 view
cdn3.greatfon.com/ 5 KB
6 KB 347ms
331ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZCMwUTMFZkM20TZvZyZ3UGNxZ1ViNUdhlEb4QVUzUkb2FzUnhkNIB1dXV1clh1Txc2QapkeplGM5QVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZCc3FlTBhDWBlkQDdGVQZHRuFDa9MGav91Yu9lJ1ATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X1MDM5cDO2MzNwkTN5cDOwAjMy81N3cjM5UDO3MjNyMzNzEzX3MDM2cDOwQjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0bfb9c7c02796b01f4c33d42417211381e704e986e5cb7a98a6945905ac6a57

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 1082071610
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=2260335081
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmXFhYAZBcNwmhDnC
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Mon, 30 Aug 2021 22:42:01 GMT
server: cloudflare
x-content-cdn-origin-ts: 1659550849561
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t43%2FBul7a09ZU4ZK70mfShJMQ4zicun7ZVxDm1yKSwORtVEuAh8pE3tE%2FL5EhCvql04Hm03vNvY0pXFKLrECUD0DSigdcf%2FYsP%2F7keYpMY%2B84Q9kKeh1%2FkXs%2BI7V4Vk%2FzDcIbiBCYK%2BSwU99LIknlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 799092579
cf-ray: 739a24e748953760-MXP

GET
H2 200 view
cdn1.greatfon.com/ 5 KB
5 KB 578ms
560ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.greatfon.com/view?q=%3D%3DwIkFWYiNWN9QWaz91Yu9lJwIEN1UkRyYTPl9mJRJFWTJWVChVZz0URmRXRtEFTQZWOlFVZBBFRmdGezEUY5pUbxhkY2JlZx8FVB9FMw0DavZSNtcTPiN2YmEUQBFkQjxUQ3cESB1TbkVmJyQVeu9UOYF0ZH1GMiZVZipkaZ1zYo92Xj52XmEDMx0DdhN2Xj52Xm02bj5SbhJ3ZhR3culmbkNmL05WZ052bjNXP0h2Xj52XmATNxgHM1EzcfdGcq1CdzRWPwR3c%2FcGcq5ibfdTN5QTM1ETNwIzM5IzN4ITN2MzX3EDOykTMwMjM3IDMwQjNfJjM2cjM1MzNvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43a39adfe946290d7127f4d02923cef4224e4a65c6eeb933f950797870a630b2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3210418448
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=2965597145
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmXIZY9_ShC8eXVPD
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Thu, 02 Jul 2020 13:34:13 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660246905854
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHmJSFDTgQQCHeTBhR6h0oh0KfcDfvm6IbYd5tq%2FSZJHDl7%2FvLDP3gikgdogu44XG1adAisC2n7zBolglZ1%2F6s3cZpQGwNAnNPNV1o5neg9UeyasI9udiTiFVQ0OdilIp5nH%2BJ2szsb8sAKemyppwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 3151321518
cf-ray: 739a24e748a13760-MXP

GET
H2 200 view
cdn3.greatfon.com/ 5 KB
5 KB 464ms
448ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=jQWYhJ2Y10DZpN3Xj52XmMUR3IERGJjN9U2bmcHOBFXMlJleMJzSiVncy1SeXJ1V0oHN0hWMmpmZr9WYCVndypldqdVbSRTOUF0XwATPo9mJ10yN9I2YjZSQBFUQCNGTBdzRIFUPtRWZmUFa6RjY4gVQwU0Xt0yUwgEO3gUPjh2bfNmbfZSMxETP0F2YfNmbfZSbvNmLtFmcnFGdz5WauR2YuQnblRnbvN2c9QHafNmbfZCM1EDewUTMz91ZwpWL0NHZ9AHdz9zZwpmLu9lN2YjNzQTM1QDMzUTO2czM1QzNfdjM3ATO0QDO3gzN3kjMxEzX4YTOyQDO0cjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc6d84b1934f70bb7303bfa08bc67343575f130ef551fc0f3b39d31d9e73de0d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 806284383
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=1533992133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmXFxELLrBhoeXVOD
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Mon, 28 Feb 2022 22:19:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FhjTJTyM%2F%2F9XQ1g8tRcw62%2BqLgP%2BFPn4yEpQ4Kye86iyLCOZ%2B5BZNpjbrHfH4MwEugepOr36hXz5t6ha9X8itUhRl370mH%2BDF3ZA2Q5Ng2FBM1Rw1LRC7lfx1W0BxHxd0ZiO4dYnzyTZI5u9PgX7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 375086979
cf-ray: 739a24e7488f3760-MXP
x-fb-server-cluster-forwarded: odn2c09

GET
H2 200 view
cdn3.greatfon.com/ 8 KB
8 KB 1431ms
1415ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=jQWYhJ2Y10DZpN3Xj52XmYUNGFDRGJjN9U2bmE1RyZ3QkxWUzZkUndzYxknbv1WVkhlSydnRIVGU2lUTfRUdp1UVjtmS3FHOUF0XwATPo9mJ10yN9I2YjZSQBFUQCNGTBdzRIFUPtRWZmc0ZI9FZtgVQRZWY3ZTOspnZqFXPjh2bfNmbfZCMwETP0F2YfNmbfZSbvNmLtFmcnFGdz5WauR2YuQnblRnbvN2c9QHafNmbfZCM1EDewUTMz91ZwpWL0NHZ9AHdz9zZwpmLu9FOwATM2UTMxIDNyYjNxQTO1YDNfBDN2UDO4EzN4YzMzATN5IzX3MTMxEDNzQjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2e000a6d137f791ea8b531d81cf2414d194183b7a29c7598ce2f8dd82e6b9f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3202674052
date: Fri, 12 Aug 2022 15:11:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=732124101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmXF9XBj44IIvIbnB
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Fri, 15 Oct 2021 09:51:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2Ff%2BzqvYeP7maHETbB8In2IXxXv89aKulPJV1X%2BTGti7eGg%2BGG8kiwo2becmpgfgqB%2BfxuFjOymHvpXXnSpZyB3UA8qC%2BqGVLjnzhH1UpTSJM7UKG0jERHtaVWbe6rC6Ij5DLQT2sRxNXg%2FYo%2B9fag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 91359706
cf-ray: 739a24e748963760-MXP

GET
H2 200 view
cdn3.greatfon.com/ 28 KB
28 KB 99ms
84ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3D%3DwI2EmMhhDN9QWaz91Yu9lJGRTO0UkRyYTPl9mJBNTMQNDc3UDMtgUY3hHcCdWeRx2VMRnZvN2bD1ScwVUY4d0c4EXclF1UfhDVB9FMw0DavZSNtcjYjNWLy4iasd0YmZ1RiBnWyIWeCNDW6Z1MiRHbuJmd1cVW9kXZr9VZoNWYj91ZpZSNtcTPiN2YmEUQBFkQNljbRxGTB1TbkVmJx5UOtwEOYFUULZjd3dURmdmTY1zYo92Xj52XmETP0F2YfNmbfZSbvNmLtFmcnFGdz5WauR2YuETLxI3bm1CduVGdu92Yz1Ddo91Yu9lJ5oUaiZHZXFGMwpmTwkkeYVXOyoFcSNDWy50VZBjTzglcKNjYzIFWaVXOWp1cs1WW2FjMYtGbyIWeS1mYolTMaBnSp9UaRdlY5pUel1zZmV2PnBnau42XycjM2IzM0MzN5gTN5YDM2QDNy8VOxUjM4gjMwEzNwcTN0MzX4EjM0gDO0QzL5ETL1gDOy4SM1Q3L29SbvNmLtFmcnFGdz5WauR2YuETLxI3bm1CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2903063741
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=3129229475
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmUSxizvvNokmRJhC
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Wed, 21 Nov 2018 19:35:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkdYkzRMciDoLvkrV5wwDhsuVuAieXq9HhHLDnO3ztVCcE8WLISbxO0%2BPxTzWcCHd8iUWweG9A%2FJxcMjvGJRz50UiP9AelLVK0UExefxXM4jHAEQO4w7JJtSdt3aLSb24lRydlUzSNcuVzByx9nyXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 3129229475
cf-ray: 739a24e7489c3760-MXP
x-fb-server-cluster-forwarded: odn2c02

GET
H2 200 view
cdn3.greatfon.com/ 7 KB
7 KB 90ms
75ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZiN5UTMEZkM20TZvZydKNmUzpXdrR0YIlDawhkQGNEN3F2X4YHT0YENWd2b6RmazIEetFmemhWZtQVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZCeqhGV40CWBNXeFFUYfhmc2lDZ9MGav91Yu9lJxETM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42XxgzM3EjM0MDOwYDNxEzN3EzM281NyIDM3IzMxEjNzMzN0UzXzcTM1ATOzUjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0093cff7ece7313be2fc38fed099dfc56393dae35b3dc04526d3bac470544e52

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 421340131
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=1377224429
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmOTxv3syEyIT6nLE
timing-allow-origin: *
x-fb-trip-id: 2074150462
last-modified: Fri, 05 Nov 2021 13:13:59 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660248419199
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAmwtn%2ByP%2Bzns8og8cyGjeBHk1BnmsaEcLBD4BozlBuGh8j7XGv8bY06NX4LJTWJ%2BmHyHb25zf1JYj21WD%2BfFYWfdj0S5abjtn0aPqIC9QWht3DqUx8zc8ss1KwQxVX%2Fm6LTMvMpwkmqvUEgms%2FQvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 4279362559
cf-ray: 739a24e748983760-MXP
x-fb-server-cluster-forwarded: lla2c27

GET
H2 200 view
cdn3.greatfon.com/ 5 KB
5 KB 92ms
77ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZiQ2QTNFZkM20TZvZydxAXcwc3XudjWkplbqhzX2t2S300X3ZFctR1V5dUWIhTbrZkVvhncKBjVfRVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZSLKZEbEhDWBhTY3EmNfJHNqdzc9MGav91Yu9lJwATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42XwQTM3cDO5UzM2MzM5UzNzIzM38lM1QTMzQjN5IzNxEDO0YzXzIzMxUTN0cjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ec928cd9a0b17c0e5e9b3ce8407f9218abf5ea5081e21c8ddc3eea40d63b261

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3293778476
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=1532895166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmUkzV1UdcXgeXVFD
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Thu, 24 Feb 2022 20:54:32 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660317092476
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPL8m0wKsqHKxUB3iPUJa7l96hHtJtsI0Yyy%2FLgYVGEDW6Z9ROHsXAIzCv14qu%2BJzFOiPq1uTKWgZ0%2FtSuMEibO7pqgQaw9DugsufXAYBVRp2FxHev2%2FeK4LW07epbYZ49vXThdOTiWG0b95ya5fzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 1073626912
cf-ray: 739a24e7489d3760-MXP

GET
H2 200 view
cdn1.greatfon.com/ 5 KB
5 KB 84ms
67ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.greatfon.com/view?q=%3D%3DwIkFWYiNWN9QWaz91Yu9lJFhTOENkRyYTPl9mJBRTbil2VOFEU0Jzdwp0Nf92QoFFM2QWQVZ1R2JFT2BDWwZkZZNVRjd1c20CVB9FMw0DavZSNtcTPiN2YmEUQBFkQjxUQ3cESB1TbkVmJwEDWo1ULYF0YpZGNppVYShDUB1zYo92Xj52XmADMx0DdhN2Xj52Xm02bj5SbhJ3ZhR3culmbkNmL05WZ052bjNXP0h2Xj52XmATNxgHM1EzcfdGcq1CdzRWPwR3c%2FcGcq5ibfJzM4AjNxcjM5kzM0QDN2YTO2EzX4IDM0ETNwMTOykjMwQjMfljNxcTMzcTOvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f658e1ff72ceb00a9560c77dd907afa018140dfc17ba07819009cb482da1af0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 875957677
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=2539006458
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmUenzNJJsE4v_O7B
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Sat, 16 May 2020 10:45:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq44lpPJTddAOKgVhN%2BGhCAouW3uEIE28%2BoK%2BxrvBrqwylTVfxgWsVJA0MssUTBc0AE3AKDxJvTFUo8kQ5BNKdc%2BKCKO4eUyWVQdoN2qMNrlra6z%2BECh681zFVNWLIFYoQTtqMYucWdbQEj%2Fz1fgug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 3130561578
cf-ray: 739a24e748a43760-MXP

GET
H3 200 view
cdn3.greatfon.com/ 4 KB
5 KB 77ms
76ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=jQWYhJ2Y10DZpN3Xj52XmgDM2Q0QGJjN9U2bmcmZ4FjYzxmVmRWOzMFaJh0ZTdDTWpXMwgWRY12bmFHbzJXV4lnQqFXMwU1XUF0XwATPo9mJ10yN9I2YjZSQBFUQCNGTBdzRIFUPtRWZmcXOWRXe4gVQVNGU6lmZJR1REhXPjh2bfNmbfZSM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X2UzN4ETO5UjM4UDN1ITNyMjM38FM5kjM4UTOwgTOxgjNyIzX0IjMxEzMyYjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f089e78b38cb379d1e49fbe6fa66fc704eef6960915bb0989046f0695707449f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3323421474
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=3385097568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmQviBApZyxomRJPC
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Wed, 01 Dec 2021 12:01:25 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660192349346
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9thfEkVqQziur0eQxnRNSbRe28TdeZ3mVxdv8MLwUhW1O%2BsHOXw4p72R9UcT9UsbD%2B55jkHZQ1FNawzBc%2F0%2B93MoeYDbxj9yjIMbi%2Fs4MWdR%2Fd414zUEIObQm3VwQLfyFjpnelXQojPc6y4bZI3VA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 651170966
cf-ray: 739a24e7b8943746-MXP
x-fb-server-cluster-forwarded: ftw6c05

GET
H3 200 view
cdn3.greatfon.com/ 5 KB
6 KB 84ms
83ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZCOxQ0NDZkM20TZvZydmdkc5Ikby5GT6V0YZxWRVhWV2cmaORHM3cDMoJEaPZ1TaJmdCtWMkBDWfRVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZiZtZVOT9FWBBDbqtWLXFlQzZDc9MGav91Yu9lJ3ATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X2QjMzQDM3kTO5UTOzQTOzMDM381MyYzMyITO0UDMxYTN4UzX4gjMygjNyUjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cb59528b863da8d18d3da15e14d68c0708d272732dae63fccf17121ed578f8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3574380046
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=2787492502
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmMh-f6o1VDEeXUvD
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Tue, 02 Nov 2021 07:43:34 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660249952470
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBDRaAwUUjuxzJP5TJNu621Vx0T5l9zMtSuYKqV2HGe69fbHnc3DYSakKE60LM1pSYihOJOhzEzUjwcBvTVXThcJHST2Ec1VTZoWxs3yxh7hiAMrBiarFtWiclf5X0FA3QW3oBmiPK%2Fp05uaGsf1eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 2965274037
cf-ray: 739a24e7b8953746-MXP
x-fb-server-cluster-forwarded: pnb1c05

GET
H3 200 view
cdn3.greatfon.com/ 5 KB
6 KB 83ms
82ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZSM5Y0NDZkM20TZvZSQiB1Y152cyoHOK52dBdVMzxUealUSsNlTuVzUu9mWjtWe4AzT1Ejb01GctQVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZybnFkWygDWBhzTsR1dGB1VkNzM9MGav91Yu9lJ4ATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnauE2XycDNzkzN0EzNzYTO0IzNyMTM18FNyUzM1QjMxgTO5gTMxgTMfFjMxIDM5AjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddfa26268857f8508f52bfb17625720b819bd4898aea886fe9029d38259eec10

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2813806953
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=2448001645
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmUla1yBrYJIeXVGD
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Sun, 20 Aug 2017 05:16:14 GMT
server: cloudflare
x-content-cdn-origin-ts: 1659377280076
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h36MnyUT5IucE5HQ73BvatvQwgSnSVnYRPlQxD4u%2Fy%2FrcvCuNpYjfEbnsjOTRflP37Ee%2BvGJj3%2F8bJOg2SXHDLYNPD2SLzIA0q2UnWsiPi09WU9g1nAhbhRvTCUyGwNa%2FIRSRa35Kl4YipYbNISawQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 380267714
cf-ray: 739a24e7b8963746-MXP

GET
H2 200 view
cdn1.greatfon.com/ 8 KB
9 KB 70ms
70ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.greatfon.com/view?q=%3D%3DwIkFWYiNWN9QWaz91Yu9lJ1IUNGRkRyYTPl9mJBxWTJdzNhFXZEJ2VVdGNClnUvpEeaNDNXpWOsVnNstkQnR0bFFnTTRkRRlDVB9FMw0DavZSNtcTPiN2YmEUQBFkQjxUQ3cESB1TbkVmJGFURaRTLYFUWTZXdUZXNMVXaK1zYo92Xj52XmMDMx0DdhN2Xj52Xm02bj5SbhJ3ZhR3culmbkNmL05WZ052bjNXP0h2Xj52XmATNxgHM1EzcfdGcq1CdzRWPwR3c%2FcGcq5ibfVTN5MTN3AzNxEjN0IDO1kTM281NyMjNzkDNwkzN5YjNzEzX4kjM1QzM3MTMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c972f6c010dc2fe7383c681689682a4210ac4e9f3f207d48da0a2e307bbfbfe

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 441003862
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=432534433
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhmGShGj9kYPEeXUfD
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Wed, 13 Jan 2021 15:25:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOlbzJNWC%2BdY%2FUyjf%2FN%2BUGkCTAMCioAd78RKiNh05bSvAMdysBnDNsjEtxavx5YJRrZEut0YAyI%2ByGiXgDkyGCJrJ4WVFdB62nmEVVuF1c894XaA8YUN4GH46T0EstRDMhVm61a4yAfXLThnbPV0bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 3268597345
cf-ray: 739a24e769253760-MXP

GET
H3 200 view
cdn3.greatfon.com/ 6 KB
6 KB 85ms
84ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=jQWYhJ2Y10DZpN3Xj52XmITM2Q0QGJjN9U2bmcHcsljZVlEWChWTYp0RYFUa5llTFJWc5kjeo52cI9WOzFHcwk2crVlcQ5UOUF0XwATPo9mJ10yN9I2YjZSQBFUQCNGTBdzRIFUPtRWZmIFRzcTc4gVQwYmeFZGaGVlUzdTPjh2bfNmbfZCOwETP0F2YfNmbfZSbvNmLtFmcnFGdz5WauR2YuQnblRnbvN2c9QHafNmbfZCM1EDewUTMz91ZwpWL0NHZ9AHdz9zZwpmLu9FN3ITO2UDM2EzM1QTNxYzMzQDNfhjN4czN4MDO5MDO1IjN1IzX4gjNzITOwkjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

195f5e557cb0e071f18fb2bf1ee91ed84d01194b2ccbf2476dcf3d5c778927cd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3562396189
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=119083434
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Fwqhl96sy0CnRywvIa8B
timing-allow-origin: *
x-fb-trip-id: 2050670934
last-modified: Fri, 01 Jul 2022 03:54:45 GMT
server: cloudflare
x-content-cdn-origin-ts: 1657969745784
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaDa7cKVgeSKquD8d97ZxeEVAiNCWu58g8DjGLNAUkG3XWGSLjV3ye61kQbqxwRPNhcrMdsa%2B34zJT24TcMj%2FlQDkcV5zPQ%2B3JtLrI3QNz%2FG8TwZNhkAfWm%2BBlw5sv4w9p5BZyI11sOfoeL5f9JK%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 1548069666
cf-ray: 739a24e7b8973746-MXP
x-fb-server-cluster-forwarded: cln1c07

GET
H3 200 view
cdn3.greatfon.com/ 28 KB
28 KB 89ms
88ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMyYjRDZjNWPkl2cfNmbfZiR0kDNFZkM20TZvZydFN1MfZmdSdFcGRHVYNER5clV0pUTlNTUDlnVj5mNYVHbX5WMVxGMuxUc5QVQfBDM9g2bmUTL3I2Yj1iMuoGbHNmZWdkYwplMilnQzgleWNjY0xmbiZXNXlVP5V2afVGajF2YfdWamUTL30jYjNmJBFUQBJUQN9VMxIUQ90GZlZyR6ZzNi1CWBF1S2Y3dHVkZn5EW9MGav91Yu9lJx0DdhN2Xj52XmQXZu5ibkNmYm5SYuZmLx0yMvRmZm5SbhJ3ZhR3culWP0h2Xj52X%2FcGcq5ibfJzNyYjMzQzM3kDO1kjNwYDN0IzX5ETNygDOyATM3AzN1QzMfhTMyQDO4QDNvkTMtUDO4IjLxUDdvY3L0Vmbu4GZjJmZuEmbm5SMtMzbkZmZu0WYydWY0Nnbp9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2903063741
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=3129229475
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlkhMq7B1NRQeXUHD
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Wed, 21 Nov 2018 19:35:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAZceO%2FpBMexJQDCwmw5nEJYkoIcUbgpO%2FziDZ2zsDm3a9RzRmpjyeMUhguTSsRaoNfVvG8etU4OVoAQgDs8RAazyga3toESa1zE%2Bc5vqf2GkFoSGcwO8GO6nspFzeFOFOuaT4ZJZZxga5gZPSFv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 3129229475
cf-ray: 739a24e7b8983746-MXP
x-fb-server-cluster-forwarded: odn2c02

GET
H3 200 view
cdn3.greatfon.com/ 8 KB
8 KB 84ms
82ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZyNyI0QDZkM20TZvZyZtJkM6p1UQ10bQZkSUlUMkZ1MOBFTtcTL180bBBlRTZmV6pUdIhDMEVGefRVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZSYWBnZR9FWBl1TxNkWwI1MxcmU9MGav91Yu9lJ4ATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu91PnBnauE2X3UTO3czMxQDNx8FOyYzN3MzM1QzNxMTNzYTMfZDOxETOxETMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

589d0f9f04b4d572e83fc050f422e173a5cc50da6690d850185ba99c75093efc

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 1948139212
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=4292806618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlmGgbjwYtVImRIHC
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Wed, 10 Jun 2015 13:06:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3CibzcrHn5xAu6aCnlUhG3E5urhFcyeD9hAwq9Hj6xkeAM1uTSCcgZsiJmjlNf8Zwe2ycZwy1GuJWziL%2B06C7uqeh%2BO549GAygmKdMshwRbzO0fMz0G4A9CiUW5C3%2B%2B6WZF2V3%2BWDTudAmYPox3Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 4292806618
cf-ray: 739a24e7b89b3746-MXP
x-fb-server-cluster-forwarded: odn1c03

GET
H3 200 view
cdn3.greatfon.com/ 4 KB
5 KB 80ms
78ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZiNCFDNFZkM20TZvZSUj5Gc5hFWEFHO3kmdNN3SvhGcaF3MJNEaJp1Yo9GZ6p3VMlHMsBTc38WTtQVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZCUwF3Nt0CWBdmer1ST3QEMwknV9MGav91Yu9lJyATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnauE2XzkzN0YzMwMDMy8FOxUzMyQDMyIjNwkTMzYTMfBTO5ATNzETMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c155b0ff02a1f63422b01ced6d46c441870f5820f0239a291a096fc2674b51

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3579473055
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=287480566
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlkEQ1jFU1IAmhC4C
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Mon, 07 Sep 2015 14:36:49 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660317079222
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpqn%2F%2FAW84ERbBZl1SgoljbYF5HDnxh9LHCiCcQG0wLrFcHhZqAu1Y9WjkD6CuMxQFlAV%2FsPJQj30Trl6pSGFb7dX9iydAUItSwsqwy%2Bxoovtgv18Hii%2BJxhF2jSfKO82AZHnF5cxj4Xt%2Fy9z0DfnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-fb-edge-debug: 7wRygt3ZcgwuiX2Y04orS9CTCsr7R5eOW8zJSdpgNAUdwC-Nv1NSCll5dVrK2KOW0DsUPzRh7PmG62i0sLLlEW3MEb728I--YKr8qCCsNnc
x-needle-checksum: 2149959473
cf-ray: 739a24e7b89c3746-MXP

GET
H3 200 view
cdn3.greatfon.com/ 5 KB
6 KB 86ms
84ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZiMwMzQEZkM20TZvZydsdkMLh3Z2ZEWKl2SXp2QktEdMZjS3BFa2RnbhlleD9Famp0bsx2X6V3TfRVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZSatZFUF1CWBtWN0JzbyY1bkJVQ9MGav91Yu9lJzATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42XwETMxMzN0AzMxADM5cjM3IzM18VMzkTNwcTNwADOxgjNzEzX5MTN1gDO1kjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb333b33a7efe72a8b348ad848df3b89b19a9af9696275f0c6b8f3979963e00

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 1582645830
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=1483355089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlfwGDcmjrM0BrhWJ
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Wed, 27 Jul 2022 16:09:29 GMT
server: cloudflare
x-content-cdn-origin-ts: 1659443303648
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TcctFuZIFYVP0ptTkc1LO4KVpcMJERWXl3PxuqE4SLMP3L7d5hKUa6qRv%2Fdoq12E8ndAQ%2ByjdLT9jhVFej7kpIhTQ0C3HrsZb1rUrp2FWF61iuPXsB225xSGdgQl09oLAJ0mUexTlZsvBh5ju%2BnKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 2858487860
cf-ray: 739a24e7b89d3746-MXP
x-fb-server-cluster-forwarded: cln2c02

GET
H2 200 view
cdn2.greatfon.com/ 6 KB
6 KB 90ms
73ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn2.greatfon.com/view?q=%3DMSZ1czMmRTPkl2cfNmbfZyM5QkQDZkM20TZvZydfVVWCdTVGZlTmdkR5gTTpdDcodjRtM3TwUWLGFGVqpmZFRGezMkN1x2Z4QVQfBDM9g2bmUTL30jYjNmJBFUQBJURwEjVfBVQ90GZlZiN2EUbY1CWBtWTZxWV2gGS1E0c9MGav91Yu9lJx0DdhN2Xj52Xm02bj5SbhJ3ZhR3culmbkNmL05WZ052bjNXP0h2Xj52XmATNxgHM1EzcfdGcq1CdzRWPwR3c%2FcGcq5ibfRTO2IzNxcjMzkTMzEjN1ITN38lNwITNyAjM0ATO4gDOyEzX5ADN5czMzITMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9da0600a3bb70e96cf35a78518b4f2f1b33fc7de8fb45cd73b22cb11a6af8cb2

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3319565777
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:206:HS_ESUCCESS
content-digest: adler32=688331452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Fwqej3S9qQnwmgoB1ifE
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Tue, 03 Nov 2020 00:23:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAe4ftUgvU4B9e0KyrAwObOsLqx5pbCoeCtT%2BCLyV3i2r5ntOxeXvd4Q2AbfdZP2ELNF7zLDCBPGExJVFfVozUdHvmJLfdO9tY%2F76pahJTgiqqOYC2JTTEynyT3lYiil%2BZADS6mpSOQaZxqU2s4NLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 2179152510
cf-ray: 739a24e7a9bd3760-MXP

GET
H3 200 view
cdn3.greatfon.com/ 6 KB
7 KB 82ms
80ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZCNGZUQDZkM20TZvZSQzsWLXF3YuhXQYJEdH9kZW1Ca4s2VQljc1RXTCl0Tp9VZQ92QzlDNZVzT4QVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZibXJUTV9FWBhjU0IXQTJ2XndER9MGav91Yu9lJxATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X2MTNwAzN0kjN5MTO5kTM5IjNz81NxMjM3cTO0gjN2YjMxczX0YTO0EjMwgjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b50fd7a57d96d6aedd0401307da289576a52ae1d30728595530f811163f9054d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3799138459
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=1981535371
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Fwqhlb70sd53iB4UOa-E
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Wed, 11 May 2022 20:17:20 GMT
server: cloudflare
x-content-cdn-origin-ts: 1659009153115
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w21%2B9onIJAfLbS9I0X0gjhYChSnk4ANr2sulXO9lYqhaD6NTvlcQl8TVS7V5OP0Zw7iIJRrjNBWy0Bso3nVPdBFT%2FPfeGP1kD2aJUZVUd%2BIDAHwHXWAQOdyW5xJRKApGUCLJRt5iHxIrAwEw8Wtp%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 4070482690
cf-ray: 739a24e7b89f3746-MXP
x-fb-server-cluster-forwarded: lla2c16

GET
H3 200 view
cdn1.greatfon.com/ 3 KB
4 KB 58ms
57ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.greatfon.com/view?q=%3D%3DwIkFWYiNWN9QWaz91Yu9lJ2gzQERkRyYTPl9mJ3xGT4RVQlVndqNmSklzdhVncZNlRppUYQBDeshzaDRjVtNURXN0cjRlcwlDVB9FMw0DavZSNtcTPiN2YmEUQBFkQjxUQ3cESB1TbkVmJMRkanlWLYF0b4QGc5dVRyVFUx0zYo92Xj52XmMDMx0DdhN2Xj52Xm02bj5SbhJ3ZhR3culmbkNmL05WZ052bjNXP0h2Xj52X%2FcGcq5SYfNDOygjNyIjMwEzX3QTNyETO3cjM5QTN5gjMfZTNwQjM3ATMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cc460dfb3694d06cb44096bf340c45e3963093ca514b3cc9c89a9918cc2deec

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2238447850
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=321021089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Fwqhlc5G9NvbfQEmhCoC
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Wed, 08 Oct 2014 20:15:55 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660317077789
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvUwbzTQPcs0i%2FWn0hsVOoleNZe0BD8m%2Bto0L2JRwKyM0M%2BzwXfvveZIF2CKxdLd%2BK6pq8T4Tf9ERPyrACLdVRgPeXjxWu%2FmixtcTtO8jw22bgvSwnAKI1UksbP1nhV8j%2FY1e9d9DFlAJ0%2BKZzXcvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-fb-edge-debug: tMY7DyU0DQDxi8RAgcLMJQnvYllHrMd3lUeigPPUM9LCHBMWRq1r7beJB_p_6qYitFmiGGsDHcp4E2b5nyzlN9SicOzbhHcUEpxtIqJ0Qyg
x-needle-checksum: 321021089
cf-ray: 739a24e7b8883746-MXP

GET
H3 200 view
cdn3.greatfon.com/ 5 KB
5 KB 81ms
79ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=jQWYhJ2Y10DZpN3Xj52XmYTOxMTRGJjN9U2bmEUepZ1Qft2ThpmS580QLRlTXN3QzAFdIlFTvxGTzt0Z1hVOMZnNptGTLd0XUF0XwATPo9mJ10yN9I2YjZSQBFUQCNGTBdzRIFUPtRWZmEVa2MXL4gVQnlXQH92S1FWT1FVPjh2bfNmbfZCMxETP0F2YfNmbfZSbvNmLtFmcnFGdz5WauR2YuQnblRnbvN2c9QHafNmbfZCM1EDewUTMz91ZwpWL0NHZ9AHdz9zZwpmLu9FOzgTOzEzNzATMxYzM3IjN3UDNfBTO2EjNwMDOyEDN4EzNyMzX3kDOxkDMzkjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a2400dbbf11e0230a5d056fc07c0b9ba0b852616acc58e1de3deddbb74ed30a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 1556399666
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=2105873632
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Fwqhlb8ejTzLb9UmhCmC
timing-allow-origin: *
x-fb-trip-id: 2074150462
last-modified: Thu, 14 Jul 2022 08:48:17 GMT
server: cloudflare
x-content-cdn-origin-ts: 1658557291922
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HADHmDQmot8963FIe%2BdjetGhBRr7JKhB3MqFSa04mw5U%2FHB3CuHXJw6mRh%2BH5609CF1bZco51f19LSmvjZ8cwZajWX%2BsUBYDyYWRPEtTgpd1WESjFqJSCNpOOHX8Z7iD4WNNnfnIod5VpRY%2B0ilaDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 2621779616
cf-ray: 739a24e7b8a03746-MXP
x-fb-server-cluster-forwarded: cln2c05

GET
H3 200 view
cdn3.greatfon.com/ 5 KB
6 KB 79ms
77ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZCN1YDREZkM20TZvZyZulWbHdmQYBTdDZmTVl0amVnMx1GS5wGSPl0Z3gDRvpFWHhVcLBzdxYlM4QVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZibVVDcthDWBF1QvVHNIhmTqdmc9MGav91Yu9lJ1ATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X3QDMyYDN4cTO1ATOwYzN0gzNy8VO0AzN1ATO5ETO0IDMyczX4kTMzYzNykjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ccef691698fc301c0baca42fea6b1e20679280058c36db71b45fbaf41840ad

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3296278619
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=887019535
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlcYdBUUnL2wL7KUF
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Sun, 10 Jul 2022 21:14:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0o0EXkOQvVM7m19lonWzKWdMldUO6McB5QOlOAdNdK9mC1G1EBjF5rpK8vgrMG2nbu5Y2PfHxELCw3vD4dI6eCTn5JiOCFhng4H1D9lLj2C%2F3DlIpneSGe0fyk3g2Chfo9y7s7wex%2FCk3FGJ59OTrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 1754320221
cf-ray: 739a24e7b8a23746-MXP
x-fb-server-cluster-forwarded: ldc1c06

GET
H3 200 view
cdn3.greatfon.com/ 8 KB
8 KB 87ms
85ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=jQWYhJ2Y10DZpN3Xj52XmkzQBVERGJjN9U2bmc2NCdFRPRGTaZ1ZEZUZ6FjNOFXbwAjefJXNYl2Z2dlUxMlW25WL4ZVZmZEOUF0XwATPo9mJ10yN9I2YjZSQBFUQCNGTBdzRIFUPtRWZmglV2UkStgVQzd3TzcGRyJjSXlWPjh2bfNmbfZCMxETP0F2YfNmbfZSbvNmLtFmcnFGdz5WauR2YuQnblRnbvN2c9QHafNmbfZCM1EDewUTMz91ZwpWL0NHZ9AHdz9zZwpmLu9VM0kzM2kTO1gTNycDNxcDM5MDNfJDMykTN5ITN0UjMzITMwEzXzIDMwgDM5YjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

037b36a07ddc797c36777d3feadab6b45f32d13d6c085c785b4fb80e3efd3600

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 3126031145
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=2037134233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhldVigDZE9pov_NfB
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Fri, 17 Dec 2021 19:49:26 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660317077883
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEHo0BuOfTFDRWF9RslS7AL9MmFvzgkWqOSCu1Y%2F%2BhuM16OR33Ac1PFc8gNo19m1tDG%2Bl06y0T0Avng6svrFY3SulUirzMLSJ8aKVSuHkcPvI8JOhx5mbTPYfGBHLpA1bPLUPSSsvHkA8F1oKTMEUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-fb-edge-debug: aXfo4ezRPfFMu2oD9G53ORyLLDY3u3aktN9cudTKmASECzEjvLJ48oJt6dZVue4fB_CYy5fHGswwz-N_o12TqhmBm67wgepTWVb57k6YRWQibhPFlFgc7vtoUTLsQHrw
x-needle-checksum: 2008895905
cf-ray: 739a24e7b8a33746-MXP

GET
H3 200 view
cdn1.greatfon.com/ 5 KB
6 KB 58ms
58ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn1.greatfon.com/view?q=%3D%3DwIkFWYiNWN9QWaz91Yu9lJBR0N4MkRyYTPl9mJBp1X3glQ2pmZBhVYYdDbUR3QmNWNpF1bw9mexdUYoJzXB9GRolWNJRmYwlDVB9FMw0DavZSNtcTPiN2YmEUQBFkQjxUQ3cESB1TbkVmJq92SzcGOYFUVaREcjF1SOBzRx1zYo92Xj52XmkDMx0DdhN2Xj52Xm02bj5SbhJ3ZhR3culmbkNmL05WZ052bjNXP0h2Xj52XmATNxgHM1EzcfdGcq1CdzRWPwR3c%2FcGcq5SYfRDN5QzNwUDN0MzNzIDNzgTMyEzX5gDN3MzNwYTO2EDM0YjMfJDNzEDO1gTMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700b07ed405957601fb4209d64a7968949fbf774be461af86041b24819fb32f1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 635289333
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=4217413533
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Fwqhlb-8pM72IpsvIahB
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Wed, 24 May 2017 10:55:02 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660111498391
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYXxD0b9OBLz%2FFyI6G%2FyMnHSC2MeOF1s5QncbS1XYCI2y%2Bmep2Pe2vIXArmVw5azcp86AGEbDJX7KewQ5%2FP1AGeseL%2BQCq4OdMaEsB3dghvEA4ofdXKCjMRF5sKao6jcdJAVIHJXUZj1Cil5CQdy6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 2880435683
cf-ray: 739a24e7b88a3746-MXP
x-fb-server-cluster-forwarded: odn2c12

GET
H3 200 view
cdn3.greatfon.com/ 4 KB
5 KB 82ms
80ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZCMDhDNEZkM20TZvZSUkNGc4oma3UnV3IGT2ZVLmdnRyZzdTFjcW1SLvhUMtQVVI1WOhF1biBjWfRVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZCewgEWX1CWBVlezdWMBRTZqtWe9MGav91Yu9lJzATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnauE2X4YzMyITO4QzM5UjNyAzMwEDO18VMxITO1IzN0UzN3QDN5QTMfhDM5MDO1YTMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11663ac5802911d1deaa883a660356e189f99bc25e3f4074d2b48d4b4050cb2c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 559675444
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=3718538845
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlcYLCfqV2Yov_NcB
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Fri, 10 Feb 2017 08:49:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfMmvsdVJMpu2iWFhqMbYM0btOAtvuSo7Mh6ofV5%2BCLss%2FmmZwjhnXn9X1Sh9FPfYEj%2ByrUBD8R1Nwbmb0UWaXKMhCi0SeO1NLvRDlwL%2FidBNqK%2FAkJhsrCsPZ8xiPGbgbHRz%2BMT3OBVAn1QBwCS1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 336408098
cf-ray: 739a24e7b8a63746-MXP
x-fb-server-cluster-forwarded: atn5c13

GET
H3 200 view
cdn3.greatfon.com/ 28 KB
28 KB 83ms
81ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3D%3DwI5IGN5ATM9QWaz91Yu9lJGRTO0UkRyYTPl9mJ3dGTtQGe2t0Roh0baN3YUVVTXF2bpJHapVjZFh1ZSZ2ZY9kMldDO4kTMh9FVB9FMw0DavZSNtcjYjNWLy4iasd0YmZ1RiBnWyIWeCNDW6Z1MiRHbuJmd1cVW9kXZr9VZoNWYj91ZpZSNtcTPiN2YmEUQBFkQRdlY5I3SB1TbkVmJ5ZGdp9WOYFUULZjd3dURmdmTY1zYo92Xj52XmETP0F2YfNmbfZSbvNmLtFmcnFGdz5WauR2YuETLxQncu1CduVGdu92Yz1Ddo91Yu91PnBnau42XycjM2IzM0MzN5gTN5YDM2QDNy8VOxUjM4gjMwEzNwcTN0MzX4EjM0gDO0QzL5ETL1gDOy4SM1Q3L29SbvNmLtFmcnFGdz5WauR2YuETLxQncu1CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2903063741
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=3129229475
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlcXKkeTTTDsMD6EF
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Wed, 21 Nov 2018 19:35:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIATeJp4YjLNXPkJMHA%2F43yRA8sjDt%2Bh9Nl7StV5huVqvTl4RoBW7NEpiqTe2JPRJVn3gMI8ZGMIdq88RO7fIvUNB6CS23Sn%2BbGFgpmuDPRrzglulhd0%2FVf%2FCrpJyQ1D7Q1yGTAH%2Fdmv%2BV7fPpissw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 3129229475
cf-ray: 739a24e7b8a83746-MXP

GET
H3 200 view
cdn3.greatfon.com/ 28 KB
28 KB 80ms
78ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCMwQGZhNTPkl2cfNmbfZiR0kDNFZkM20TZvZydD9lRUFUSQNFeXVzNJR2bFBjVWllU4gGdnlWL40ySExWMhhFa5EUQXF0T4QVQfBDM9g2bmUTL3I2Yj1iMuoGbHNmZWdkYwplMilnQzgleWNjY0xmbiZXNXlVP5V2afVGajF2YfdWamUTL30jYjNmJBFUQBJUR1oGbwEUQ90GZlZSdKRGb19FWBF1S2Y3dHVkZn5EW9MGav91Yu9lJx0DdhN2Xj52XmQXZu5ibkNmYm5SYuZmLx0CN1JHdm5SbhJ3ZhR3culWP0h2Xj52X%2FcGcq5ibfJzNyYjMzQzM3kDO1kjNwYDN0IzX5ETNygDOyATM3AzN1QzMfhTMyQDO4QDNvkTMtUDO4IjLxUDdvY3L0Vmbu4GZjJmZuEmbm5SMtQTdyRnZu0WYydWY0Nnbp9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2903063741
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=3129229475
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhldWApQBNoOwvIaiB
timing-allow-origin: *
x-fb-trip-id: 1425083115
last-modified: Wed, 21 Nov 2018 19:35:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1o5CaW8ql%2BVHuUfLP7%2BjBsSoDqmhXrs6sLOpbSAESWVqIrOUEiZh6YGxkK19Ut%2BGQxt%2BAu3HjSlaPQKTr%2BHJILthlqHgnZCAEM56PH1gXvVJpx%2BkExNPgySQZQ8dL1fbr9Xk6KAtUfm6F2yigP5lTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 3129229475
cf-ray: 739a24e7b8aa3746-MXP

GET
H3 200 view
cdn3.greatfon.com/ 4 KB
5 KB 90ms
87ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZyM3YTREZkM20TZvZyZzZ1SS9lW0ATc2FkTTR2Tu9kW2hDMCtEaj1kbXJ0b4wGT2hlU1w0T2g2c5QVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZSZMZ0Uv1CWBNHbQxkS0RHeydUO9MGav91Yu9lJyATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X2QDN0EDN3UzNzMDMxkDO4gTO38FO5QjNzMzNyQTMwgTO2czX2IjM0gzN4cjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8037feb833cd07ee4d9ab6e0ed008e74fb1451afa0de1d99859fdf88510581d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 1640353886
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-digest: adler32=3652215184
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlTvJuz8oPLIUOa4E
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Thu, 21 Apr 2022 11:21:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbSdGreU9rGFZY6Usu%2FVcYGiTA%2F0uB3kRsAikFCTRUUAo84MkOT0C2D8b9saNOjO0DquHFbwI3ic%2FP1NrE6tycKz97QJxtaxSKEe%2Fy3rWZBqY%2BIINyaJTW9KcZj9B4TlBJudVq9i0MUr3ChNpJBADg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 4177395468
cf-ray: 739a24e7b8ab3746-MXP

GET
H3 200 view
cdn3.greatfon.com/ 6 KB
7 KB 77ms
75ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZCM3YDMFZkM20TZvZSQ2tmV3QXWLdTUsFTOplkcu50RVBjY1dULPlTdmFWdsVHSwYTcr9FSyYWQ5QVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZiZmhULGlDWBFEZ2h1bNJkc10iS9MGav91Yu9lJxATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X4YDMwEDO3AzM3MDOxYjN4ATN481M3QzM0UTNyEDO2IjM1czXwMzNwUjNyATMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04d8c4c5ce99695dbcc0198f8565ae85fe0cfd1b933c95d6931627a23263e7f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 2087746145
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=135951116
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlcYNhMO6vzMMD6FF
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Mon, 08 Jun 2020 15:41:45 GMT
server: cloudflare
x-content-cdn-origin-ts: 1659805986140
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRrPQY4ZssF0IHrlbspMrhyR0m6w3gakqNW%2FfCVcMTciiXMpqKIzRkskCOfKCsUZ8gv6Fz%2FBw2m8mWWKlu0hsDa30H21FA8H3XJtinmInVHsWK58ERFZwmb2P%2Ba56t%2Fmlqwm4mhNKa2Y354wX7NaFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 4090298621
cf-ray: 739a24e7b8af3746-MXP

GET
H3 200 view
cdn3.greatfon.com/ 5 KB
6 KB 113ms
110ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn3.greatfon.com/view?q=%3DMCZhFmYjVTPkl2cfNmbfZiRFVUREZkM20TZvZyZKVjaSNldpdVVPFDex5UQjNkQJNzXqdDS28ER491VRRjePdjMmNXWKFkY5QVQfBDM9g2bmUTL30jYjNmJBFUQBJ0YMF0NHhUQ90GZlZibygmUNlDWBNHbIlVd2ElWyckM9MGav91Yu9lJzATM9QXYj91Yu9lJt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz1Ddo91Yu9lJwUTM4BTNxM3XnBnatQ3ck1Dc0N3PnBnau42X3cTM3cDO3kDMzEjM2YDO2EDNz81MwMDM5gDM0gDMwYDNxIzX5YjNxAjN0kjMvkTMtUDO4IjLxUDdvY3Lt92Yu0WYydWY0Nnbp5GZj5CduVGdu92Yz9yL6MHc0RHa

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a84fc2d4e8ee98a066b7240f571608d26b027bd9e0e663054266fb0bd5dcdf3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-haystack-needlechecksum: 4280193161
date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-digest: adler32=2496187815
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: FwqhlVo9yUumh84mRHEC
timing-allow-origin: *
x-fb-trip-id: 1512268381
last-modified: Fri, 22 Jul 2022 09:27:17 GMT
server: cloudflare
x-content-cdn-origin-ts: 1660113922693
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF1%2BsA6NZWorb1aQJ2w3Vl81PrDhhNbDetiz3ESnhklERcldrLns2w9d%2FlxrqyKnf%2F0UWZ1kAjo9E34wZ7GlGn%2FgXn2u5OiRhZo2Se9wxT7xIStJgaObGE2UPbnaVJaeLrRk8E4ROYAlpRm9meTzcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600, no-transform, max-age=0, private, must-revalidate
x-needle-checksum: 1267422649
cf-ray: 739a24e7b8b13746-MXP

GET
H3 200 inst1.app-64c054a602f2cdaff6aae36c632a0b12.js Show response
greatfon.com/js/ 406 KB
117 KB 42ms
42ms Script
text/javascript 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://greatfon.com/js/inst1.app-64c054a602f2cdaff6aae36c632a0b12.js?vsn=d
Requested by: Host: greatfon.com
URL: https://greatfon.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25eb3ae86baacff01b721744c44ff77aebd94ba45d8761a4f9dcab85d1b2ea4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9240477
cf-polished: origSize=416818
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 27 Apr 2022 16:23:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNqg6uuhF5Ew%2FPKH7jgSSzIlQsKXucHQaUXrqRBbsUJJcY2OVPV%2BjSX8AoVSuA2gvlyOkcHeH9G8iVxDwZ7UG7Yo5v1oFh3jDZc%2BnifqXP7pCFDYJeFXylxlNQjTYrjdJVX%2FBcbbU%2BhyTl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=31536000
cf-ray: 739a24e68e853746-MXP
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 742ms
43ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 12 Aug 2022 15:11:33 GMT
x-host: s7.addthis.com
content-length: 116379

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 77ms
29ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: greatfon.com
URL: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 15:11:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 12 Aug 2022 15:11:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Aug 2022 15:11:32 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ 340 KB
120 KB 91ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4235477045164216&plah=greatfon.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4235477045164216

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

037fc02c9d69ec3ad57760c2c7a9b12a2267699b76c8f1130d7b97618e2cee8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122751
x-xss-protection: 0
server: cafe
etag: 8313552755790267453
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 15:11:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/ Frame CE7D 10 KB
5 KB 54ms
15ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4235477045164216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greatfon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 01:58:11 GMT
etag: 8616628553774171045
expires: Fri, 26 Aug 2022 01:58:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo.png
greatfon.com/images/ 3 KB
3 KB 34ms
34ms Image
image/png 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greatfon.com/images/logo.png?a29df5ad7854ced387fd822baebdc617
Requested by: Host: greatfon.com
URL: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf1c01f168727d86a7235b34250747a9504c41463c32f996735264aac644638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3246
etag: "1723ECD"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xF8xxT%2FO40pG382LbnWPddD8u9sxeVlHlJoDkb03Hm6QWvSmCLHUSQAjLuj48RPSewAXojQBa8ZFRgChSYXTlJJHHX4TLrjJeyvTmVt7G7OC6heHtfyyByzhb%2BAhukVoK5Y2ny8qeTnyXI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 739a24e72f953746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2928

GET
H3 200 search-bg2.jpg
greatfon.com/images/ 326 KB
326 KB 39ms
38ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greatfon.com/images/search-bg2.jpg?b0f9889e9ac16ba28c48e526ffe6e672
Requested by: Host: greatfon.com
URL: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09fc02696876df4487679b89a819880821f4149cce7f47c47e57b66c4a794509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4549
etag: "74C1E01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvROtNo3dhwTVrkvhpYZgS0rqU6rkypdkXXBrQOAt7hMPtYLBnwoZWxbFZEwWaRadsh2De3Ji8EeWxo6PcrbxQrRiOknJAbhNVP6fPSnHxPRHX6AjGo7qQlwVHlA9CMWa6un1UcI6AE5Ynw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 739a24e72f993746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 333465

GET
H3 200 search-btn.jpg
greatfon.com/images/ 953 B
1 KB 92ms
92ms Image
image/jpeg 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://greatfon.com/images/search-btn.jpg?a5d13c304eb3b418d8bb45690ce768cd
Requested by: Host: greatfon.com
URL: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41d5a7cfebbf5af026b61d098d3ee4599ac824853f84cf35304f349feb0941e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2814
etag: "4E779C4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Faw2VNc9lGwb6Xrq7dtWix2ssLhh4RZukdQpNE%2FoJ7Tuv8qdi%2FVcVsMSNtrfDv4tzi64MzFwwfGy%2FaH%2FQgsK%2FPAagX%2F8mDBjX%2BX1y%2FQ3Z%2F5xuZqoDc6yIX%2FAqJz4IM3yoP%2B5iH%2Bh7n81jk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 739a24e72f9d3746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 56ms
17ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greatfon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 331418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 61ms
21ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greatfon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 340001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 77ms
37ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greatfon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 340308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:39:45 GMT

GET
H3 200 AllerLight.woff
greatfon.com/fonts/ 32 KB
33 KB 35ms
35ms Font
font/woff 2606:4700:3032::ac43:df37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://greatfon.com/fonts/AllerLight.woff?f16f5a135c2040b162d951b19b4dc3d7
Requested by: Host: greatfon.com
URL: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:df37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12eb5706271e7adb3182aa445fb57629efd4e9d71ece01c81a75628616673ffc

Request headers

Referer: https://greatfon.com/css/inst1.app-26ebb571748ec0315b1406b00ef49b43.css?vsn=d
Origin: https://greatfon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4549
etag: "46487AE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYIEbaIg0Q5BejJk5HPswS6Cy%2B297qOJz32WMkyIH3FJl1yzk0xoIz6%2F0O5K36VOKlb4L1Yu6Awm7%2BuVbY78ujxPBOSR%2FrxFTtPdQcUdAZZoVcD1RZJknTLqlxi1qSPZklYL82MEUYvkYSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 739a24e73fa73746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33196

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 71ms
32ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greatfon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 353728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 12:56:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 68ms
42ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://greatfon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 18:17:14 GMT
x-content-type-options: nosniff
age: 334459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:17:14 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 212 KB
73 KB 339ms
130ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

10878b62413b9004a5b44404baadf4cbe15fa176d14f57840b8b21bd94099bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: br
last-modified: Thu, 11 Aug 2022 14:22:53 GMT
etag: "62f4e68d-123e4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74724
expires: Fri, 12 Aug 2022 16:11:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 68ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T410N8PBE5&gtm=2oe880&_p=372392221&cid=1500121317.1660317093&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660317093&sct=1&seg=0&dl=https%3A%2F%2Fgreatfon.com%2F&dt=Instagram%20story%20viewer%20-%20Watch%20profiles%2C%20stories%2C%20followers%2C%20reels%2C%20tagged%20web%20posts%20anonymously.%20Best%20insta%20viewer%20for%20video%20and%20photo%20from%20Instagram&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T410N8PBE5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 15:11:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://greatfon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 76ms
24ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=greatfon.com&callback=_gfp_s_&client=ca-pub-4235477045164216

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4235477045164216&plah=greatfon.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

62946db25d6f2978963772a960d09b8c6d39b5f36db69134746e4bb431b9c958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 70ms
25ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=greatfon.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
24ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=greatfon.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgreatfon.com%2F&tn=DIV&cls=footer_pinned_ads&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 15:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F715 9 KB
4 KB 175ms
143ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4235477045164216&output=html&adk=1812271804&adf=3025194257&lmt=1660317093&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgreatfon.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660317092952&bpp=23&bdt=141&idt=175&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8039417939945&frm=20&pv=2&ga_vid=1500121317.1660317093&ga_sid=1660317093&ga_hid=372392221&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31064019&oid=2&pvsid=775818229457493&tmod=1868323246&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=192

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad9cc0978725cecafb0fb36fe45d4eeeb7510d7971c13f40f9e7a3e3d067ab9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greatfon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4148
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 15:11:33 GMT
expires: Fri, 12 Aug 2022 15:11:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 336D 96 KB
36 KB 443ms
419ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4235477045164216&output=html&h=90&slotname=3850634962&adk=2294932030&adf=3235933448&pi=t.ma~as.3850634962&w=728&lmt=1660317093&psa=0&format=728x90&url=https%3A%2F%2Fgreatfon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660317093000&bpp=8&bdt=188&idt=148&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8039417939945&frm=20&pv=1&ga_vid=1500121317.1660317093&ga_sid=1660317093&ga_hid=372392221&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=421&ady=1070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31064019&oid=2&pvsid=775818229457493&tmod=1868323246&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5PsHPRkp6U&p=https%3A//greatfon.com&dtd=153

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7fc436bff1f8d32981644a161e9a00538a890730d1c5a1dd10fae9487e9ce66

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNmVuZTLwfkCFVaOsgod_jIG1g&gqi=pW32YtD8C8eBrATtrJz4Cw&layout=/sadbundle/%24csp%253Der3%24/4698992051773146371/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greatfon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 37022
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNmVuZTLwfkCFVaOsgod_jIG1g&gqi=pW32YtD8C8eBrATtrJz4Cw&layout=/sadbundle/%24csp%253Der3%24/4698992051773146371/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 15:11:33 GMT
expires: Fri, 12 Aug 2022 15:11:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 1D5F 2 KB
764 B 79ms
66ms Document
text/html 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7c90111dcac715edad1e68fcad7f06b6cb1f42abc163c232841df09f7d83ad69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://greatfon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 685
content-type: text/html
date: Fri, 12 Aug 2022 15:11:33 GMT
etag: "62f4e796-2ad"
expires: Fri, 12 Aug 2022 16:11:33 GMT
last-modified: Thu, 11 Aug 2022 14:27:18 GMT
strict-transport-security: max-age=31536000

GET
H2 200 delayed_impression_vu_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/impression/ Frame 336D 17 KB
8 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4235477045164216&output=html&h=90&slotname=3850634962&adk=2294932030&adf=3235933448&pi=t.ma~as.3850634962&w=728&lmt=1660317093&psa=0&format=728x90&url=https%3A%2F%2Fgreatfon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660317093000&bpp=8&bdt=188&idt=148&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8039417939945&frm=20&pv=1&ga_vid=1500121317.1660317093&ga_sid=1660317093&ga_hid=372392221&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=421&ady=1070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31064019&oid=2&pvsid=775818229457493&tmod=1868323246&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5PsHPRkp6U&p=https%3A//greatfon.com&dtd=153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd0a1a7809246df79a2925f6eeca126c04d2b40c811cc7ac7486370de3c5d3df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7706
x-xss-protection: 0
server: cafe
etag: 12501587712337178964
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 15:03:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 336D 23 KB
10 KB 54ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 15:02:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 336D 3 KB
1 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 15:04:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 336D 140 KB
44 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 15:11:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 336D 17 KB
8 KB 57ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Aug 2022 15:09:51 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/ Frame 1D5F
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9728.nwQM5pykrMrp3c-h1JAF92jdwf2tVVG2WPPPioUMMyNLPb-Z5m4n0VC2RKS6aP3H.cltejQat6q2ina3Bp_SlzHc7vXk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9728.zZ07NirfblS5gV8jzWv3U5s8KaG5RCmVb-2ObZa_D6mnoerecWyRHbmhuXQjVRnYOfiYYmpO5jD5mCEuu6nk4Q%2C%2C.uQOXUAQ3BPuQqv69MHMd4axAeUc%2C

75 B
75 B

68ms
65ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9728.zZ07NirfblS5gV8jzWv3U5s8KaG5RCmVb-2ObZa_D6mnoerecWyRHbmhuXQjVRnYOfiYYmpO5jD5mCEuu6nk4Q%2C%2C.uQOXUAQ3BPuQqv69MHMd4axAeUc%2C

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9728.zZ07NirfblS5gV8jzWv3U5s8KaG5RCmVb-2ObZa_D6mnoerecWyRHbmhuXQjVRnYOfiYYmpO5jD5mCEuu6nk4Q%2C%2C.uQOXUAQ3BPuQqv69MHMd4axAeUc%2C
date: Fri, 12 Aug 2022 15:11:33 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/ Frame 2560 21 KB
4 KB 47ms
19ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b0b7427ae5a374ad9f590bc7f9076b36b8b4fcf94001240db97279bd2804a9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 355534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3789
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Aug 2022 12:25:59 GMT
expires: Tue, 08 Aug 2023 12:25:59 GMT
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A80 143 B
163 B 15ms
15ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4235477045164216&output=html&h=90&slotname=3850634962&adk=2294932030&adf=3235933448&pi=t.ma~as.3850634962&w=728&lmt=1660317093&psa=0&format=728x90&url=https%3A%2F%2Fgreatfon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660317093000&bpp=8&bdt=188&idt=148&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8039417939945&frm=20&pv=1&ga_vid=1500121317.1660317093&ga_sid=1660317093&ga_hid=372392221&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=421&ady=1070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31064019&oid=2&pvsid=775818229457493&tmod=1868323246&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5PsHPRkp6U&p=https%3A//greatfon.com&dtd=153
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 14:39:12 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 336D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a1df5cccb64a9c28aa931724aca3f8e9c8b77d49fb68a1f616f53ca10319484

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2560 9 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 13 Aug 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2560 26 KB
10 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Aug 2022 16:14:17 GMT

GET
H3 200 img-bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 3 KB
3 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abff583ffce9d7339c63fdb0bbb0de14f0c0d9162c5c9d1cc8b3b8440f9f0350

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3340
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 13 KB
13 KB 29ms
24ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503ab58efbe34abb6afd3fcdd35cd733140423e36080570f36cc895721e4e3a0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13395
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 17 KB
17 KB 50ms
46ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cc0d0b5a2f46a406f09075f0481544daa824e94846326a7d81f9af78a6f0e6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17641
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 24 KB
24 KB 41ms
37ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-7.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e0c3b4d653cf493f337abdcbfe746278f26282e0cd2517db142223805f6ac5d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24721
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 tf-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 3 KB
3 KB 55ms
50ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/tf-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7003f7bf298efaec9faac6889b4bf43eb196448f8d90a306a2d74a139bd89bc4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3092
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 tf-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 2 KB
2 KB 47ms
42ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/tf-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

178501d32da7a30c771bf8b32ad2fc34bc2ed09cb86c5a26e93228cb56e28e4e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2451
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 tf-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 2 KB
2 KB 48ms
44ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/tf-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7f7c850a4a3056acb7a5abc150b0962baf8a147ed0b582dc669bfa593177ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2464
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 tf-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 2 KB
2 KB 49ms
45ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/tf-3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5cce54f2c3b044db710426b1095c1e7c5c86d6eb8b7fef7fa9ab31792db96c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 148276
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2114
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Wed, 10 Aug 2022 22:00:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Aug 2023 22:00:17 GMT

GET
H3 200 tf-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 2 KB
2 KB 48ms
43ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/tf-4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a5b58708add037bc4f76c06adb1df403a21db557ae3b255bafc8166008d2164

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2281
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 1 KB
1 KB 47ms
43ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e5c3d24cc34683b363aa09f841cb82dec2687ed79927acd43c015b82864ea5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1468
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-stoerer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 2 KB
2 KB 38ms
34ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-stoerer.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2560bac5c989f6f72d591f2e3d096b8a5ab826d1f4aa22f73f835e495f581071

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1902
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 99 B
129 B 61ms
57ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/gfx_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 2 KB
2 KB 36ms
32ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac9a1598afbdc48a8352e3887f48e85e407c048d0eb6bc684ac8acbf67c191f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2271
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H2 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2560 113 KB
40 KB 157ms
73ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Aug 2022 15:11:33 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 2 KB
1 KB 17ms
17ms Script
application/x-javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/TKUT_v1.1.1.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 328170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 20:02:03 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 20:02:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8A80
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

42ms
41ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 15:11:33 GMT
expires: Fri, 12 Aug 2022 15:11:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 15:11:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 img-dude-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 1 KB
1 KB 39ms
36ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-dude-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56701d49dc258f76133960b0de9f9f4647befbc33decf8cd99a293e045226217

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1351
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-dude.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 6 KB
6 KB 38ms
34ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-dude.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ac0134857c222602962f27711eea513d9a8de11f53ee3398e7ca5f22aa3c68d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6578
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-0-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 1 KB
1 KB 36ms
32ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-0-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa48a20ab102cde2d0b05850f002331eea9b8f324e512dca6e10f9ffd5c838c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1176
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 9 KB
9 KB 31ms
27ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-0.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a20ce5caeb1ca6d4aa5d96a86f775aff114ba2e37c7ff314db3047f1c47b49f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9178
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-1-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 1 KB
1 KB 37ms
33ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-1-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ca071e57a9e3c1709ede383c995cb8fd5f345be18aa4884b3dc11fe79abbc3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1248
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 5 KB
5 KB 54ms
51ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

038671dd5d2740ae1b4a72441be77a9675c1a471b04f2d5c8bbcb41ed1cde15f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5377
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:32:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:32:45 GMT

GET
H3 200 img-phone-2-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 1 KB
1 KB 60ms
56ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-2-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46364d1605149d118d8cc0603e230c5c9dbc2726fdd4d07d5976a52fcd1b5ee1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 12 KB
12 KB 55ms
52ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0447263bd8bbe909c2d3b4305c09a8dce8560bafa54dc86e87e76f6b59efb4cd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11944
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-3-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 1 KB
1 KB 58ms
55ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-3-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185951434f2feca394fed049a79f9dab3f4b1d26899bc9fd8564533bad1f2f0b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1276
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 12 KB
12 KB 56ms
52ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-3.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d51192c73c7207f7f8cfd09066c6e759683fed112da2f92dc12e671c7f3b390

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12333
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-4-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 1 KB
1 KB 54ms
51ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-4-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e9d3155ec7942ef839bd442c1ef4befcd4553377e6b0436e02ca5dbd9f0267

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H3 200 img-phone-4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/ Frame 2560 7 KB
7 KB 52ms
49ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/assets/img-phone-4.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4698992051773146371/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

945bdb0102e4b4015a28140b698a20db7a2c5e3dbc1615f72a44ccf06e5963e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 355542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7323
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:15:42 GMT
server: sffe
date: Mon, 08 Aug 2022 12:25:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 12:25:51 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 135ms
24ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13777
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 66ms
65ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
last-modified: Thu, 11 Aug 2022 14:27:18 GMT
etag: "62f4e796-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 12 Aug 2022 16:11:33 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5f305d49ed0d1337/ 1 KB
718 B 54ms
53ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5f305d49ed0d1337/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-127.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e7c1f38cf924d6d50a39317a15eda5cbdd56d8b38c17ee3941db2c705548587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:33 GMT
content-encoding: gzip
etag: 353772264--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=23, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 543

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 385ms
215ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62f66da55011ec58&bkl=0&bl=1&pdt=643&sid=62f66da55011ec58&pub=ra-5f305d49ed0d1337&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=greatfon.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1660317093914&jsl=0&uvs=62f66da55ac0d689000&skipb=1&callback=addthis.cbs.jsonp__85002478852612320
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-212-127.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5de71c9dc0b1f50e65a29dc3a434dc4e32fa7a2ed8579f21b8154401066fe4e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 15:11:34 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2738 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 9D03 71 KB
26 KB 39ms
39ms Document
text/html 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://greatfon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 12 Aug 2022 15:11:33 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2

200

1 Show response
mc.yandex.com/watch/71984668/
Redirect Chain

https://mc.yandex.com/watch/71984668?wmode=7&page-url=https%3A%2F%2Fgreatfon.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2qrc%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.com/watch/71984668/1?wmode=7&page-url=https%3A%2F%2Fgreatfon.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2qrc%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Al...

331 B
519 B

66ms
66ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71984668/1?wmode=7&page-url=https%3A%2F%2Fgreatfon.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2qrc%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1536743714089%3Ahid%3A197984236%3Az%3A0%3Ai%3A20220812151133%3Aet%3A1660317094%3Ac%3A1%3Arn%3A57788903%3Arqn%3A1%3Au%3A1660317094606449369%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660317092184%3Ads%3A0%2C60%2C137%2C3%2C420%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aafr%3A2f7e9430_17-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Arqnl%3A1%3Ast%3A1660317094%3At%3AInstagram%20story%20viewer%20-%20Watch%20profiles%2C%20stories%2C%20followers%2C%20reels%2C%20tagged%20web%20posts%20anonymously.%20Best%20insta%20viewer%20for%20video%20and%20photo%20from%20Instagram&t=gdpr%2814%29clc%280-0-0%29mtb%280%29aw%281%29rqnt%281%29cs%28kc7abe%29efid%281%29afr%281%29rqnl%281%29ti%282%29

Requested by

Host: greatfon.com
URL: https://greatfon.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

495e1e20c248f4dbaf185f777345325da4f126c5d6c556bfd3ca1ab9f6f04f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 15:11:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 12-Aug-2022 15:11:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://greatfon.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Fri, 12-Aug-2022 15:11:34 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 15:11:33 GMT
last-modified: Fri, 12-Aug-2022 15:11:33 GMT
location: /watch/71984668/1?wmode=7&page-url=https%3A%2F%2Fgreatfon.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2qrc%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1536743714089%3Ahid%3A197984236%3Az%3A0%3Ai%3A20220812151133%3Aet%3A1660317094%3Ac%3A1%3Arn%3A57788903%3Arqn%3A1%3Au%3A1660317094606449369%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660317092184%3Ads%3A0%2C60%2C137%2C3%2C420%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aafr%3A2f7e9430_17-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Arqnl%3A1%3Ast%3A1660317094%3At%3AInstagram%20story%20viewer%20-%20Watch%20profiles%2C%20stories%2C%20followers%2C%20reels%2C%20tagged%20web%20posts%20anonymously.%20Best%20insta%20viewer%20for%20video%20and%20photo%20from%20Instagram&t=gdpr%2814%29clc%280-0-0%29mtb%280%29aw%281%29rqnt%281%29cs%28kc7abe%29efid%281%29afr%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://greatfon.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 12-Aug-2022 15:11:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 336D 0
17 B 60ms
59ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbQuSpW32YpmvDdacygX-5ZiwDfbag5Jr9PutnuUPZBABIIXzqCpgleKQgqAHoAHj0YXbAsgBCakCF4FfzbBCsT6oAwHIA0iqBOMBT9DTWLhkAnJVYcXd1EGzjcRlyu_sjzB2WHWUkYTYTU84uR_h-VQDIeM8i7Rjud82jZoVWZAiM8A6mnKAbyKr8JhoX7y5KP7ygzmumhnNUcmwq2a2OhRvlQbooW7yzFBglJ0hZTvuqVw-CHH1xh69iueVOOaBoSSnsrsEVO_IWSnoBPEOFynEZyfHnpVfmJEdN69aKDE6pejrM-EG1MphYkEpDE5SfeOT7j_RN3ZjKfd6_MhUUuKEglQwE6-93PCNVXsb6t5XzmnHNXvlur9BBjpwPAZycJ0CDASKvEXV-mF904bABO7ovZvvA6AGLoAHha76pAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCd0QHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi00MjM1NDc3MDQ1MTY0MjE2GAA&sigh=us7r8ql_Ujo&uach_m=[UACH]&template_id=419&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4235477045164216&output=html&h=90&slotname=3850634962&adk=2294932030&adf=3235933448&pi=t.ma~as.3850634962&w=728&lmt=1660317093&psa=0&format=728x90&url=https%3A%2F%2Fgreatfon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660317093000&bpp=8&bdt=188&idt=148&shv=r20220810&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8039417939945&frm=20&pv=1&ga_vid=1500121317.1660317093&ga_sid=1660317093&ga_hid=372392221&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=421&ady=1070&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31064019&oid=2&pvsid=775818229457493&tmod=1868323246&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5PsHPRkp6U&p=https%3A//greatfon.com&dtd=153
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 12 Aug 2022 15:11:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 40ms
39ms Script
application/javascript 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 12 Aug 2022 15:11:34 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2560 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:12:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 10:12:44 GMT

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
250 B 442ms
37ms XHR
application/json 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fgreatfon.com%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://greatfon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://greatfon.com/
last-modified: Fri, 12 Aug 2022 15:00:00 GMT
server: nginx/1.15.8
date: Fri, 12 Aug 2022 15:11:34 GMT
content-type: application/json
access-control-allow-origin: https://greatfon.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 68 B
296 B 86ms
16ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fgreatfon.com%2F&callback=window._ate.cbs.rcb_1wyc0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

afe127d7dcc1a2639dba451464b278ef37ae8dc4db5584fd5f3acc613a1579dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
accept-ranges: none
x-pinterest-rid: 3903231303900067
expires: Fri, 12 Aug 2022 15:23:13 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
282 B 625ms
220ms Script
application/json 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fgreatfon.com%2F&callback=_ate.cbs.rcb_8rqw0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1a8ba831918700995ab8ea62eee8399aa455f08c5ff6ffff2f4e1d4cbde572b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: greatfon.com/
last-modified: Fri, 12 Aug 2022 15:11:34 GMT
server: nginx/1.15.8
date: Fri, 12 Aug 2022 15:11:34 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 67 B
131 B 88ms
18ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fgreatfon.com%2F&callback=window._ate.cbs.rcb_bgec0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

61b7a7db687f29a665fed5ea6eba6461e7ee023360b9ce87c645897e2847e3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 201
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 2
accept-ranges: none
x-pinterest-rid: 9769389642854592
expires: Fri, 12 Aug 2022 15:23:13 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
282 B 625ms
221ms Script
application/json 23.47.212.127
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fgreatfon.com%2F&callback=_ate.cbs.rcb_93b30

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-212-127.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1fcb35b7c56569a8c80072b52eacaef10e50397ad20a16d31c07bf2fba6c5fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: greatfon.com/
last-modified: Fri, 12 Aug 2022 15:11:34 GMT
server: nginx/1.15.8
date: Fri, 12 Aug 2022 15:11:34 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 96ms
64ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220810&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

857709225bb07f59a910a8c4ee3d74775af7ec5b0db12418bdf3e55bce98f658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Aug 2022 15:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11233
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 336D 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5h8y03MPnVVZD0Q3SAcvtEo54AFvAlT5zHgUU11DV_iG9_NlmNml0jFsbASd82dcB2m1WCfFeDLYkUulxVGpLvwhSBpvZWUzv6JXVpxfV5pIZ_SW8XKXypne_P_fXSv3_LwBguGmwzGOKy-M5iliRH-px-tixLMscl_bSIqS0LuS2yuTArgIPZt6OKipB9iwQgZHU3pVFZPzQsuB32vukvps4eh7MRtkKpAMYvOD8X3Jbt4eRzfqT3nyaMmJWx9QZbujQT3r3bncI6sP_oRedCTABaSpBQF3YVxgqRJSWIRfredboFjjcXupGSmsLhnoi2zFd3L5iXaOCsZiFnNa5YOiwQDiRuw0OCwEsS51BchWJL1YzugBwqEQZB9ZBiItAj47IjruJsH96oPkiLIJ61wqA0mvkm3Rn5VlwPoYe_llMYML9kTsaDLy2ZmQLa_ifLN4GrL5463oiMhQBNXoLVHeYexF2QKulOCph_Xw1VQPusJWdhVbBJ3w-3wVb-LaHj5Rpzg352bCD3FTujy19IALg048ZK81s3XLtGbMNf379G3FM89eDRk_M3dxwTZ47wQ1gNBJjgHXEADcFf2dNfeUdi9Wf63YwFYRoNjrieikx8bs3G0IQuQ_2oMY-4e-JVy8sMOcKxQjr7afOUPXxdwjNR9MuRbB6QZxZEjxlyxEQaiFew83nZ3rKkTC11fY81xYdqX4fciJGcUnzu3lkAsfXz1YMwpGiPyDZVUVOW_deR8aXjTW_qmzDxUWZJShdumkYOdVyKBeXYCSzLlOV9-ag552KCoS6QgKZr6B-ryQcNFdlQlSTI-zA90kMpNZD2bb03KfDXd0YXwpu2xt7x8EyfAe96aEYhgOQVsJhEajDLtjHcw6UdonSMVddHnMQF22UAHNYjKtA92Xd1OGDn1GINRkl204KkMeOcfCR2C6eO5QKX7WoFWEIZ1owepYg7cwZSrPI6_EStdleXcjh91t38miZ8jA&sai=AMfl-YR6TMAVKQsAwbFt777M1eXt0l189BcUBmglcCRNZhyuJq1j8ilfF03yksLAB6cZX-0h-eyVwS6SGdJGP_OJsevZyHL4TfejYw&sig=Cg0ArKJSzJBsyirCHBidEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2294932030&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660317093154&rpt=592&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 15:11:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 15:11:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8BE7 13 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://greatfon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 14:58:09 GMT
expires: Sat, 12 Aug 2023 14:58:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 273C 783 B
532 B 58ms
25ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5b3498c2b18e370c3595a46588e61343acc9245ad37988dbfead1924f8c4103

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fslileTwoePP1f0VBBEdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://greatfon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-fslileTwoePP1f0VBBEdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 15:11:34 GMT
expires: Fri, 12 Aug 2022 15:11:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BE7 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dJtiYfEJEI0hyw5wQ_g_8NlKRsHdja2JZeZ5T9NF0jg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:12:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14301
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 10:12:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 273C 0
0 48ms
48ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220810&jk=775818229457493&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8BE7 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WTryKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 15:11:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
52ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220810&jk=775818229457493&bg=!pqWlpeHNAAa4hXTbmIU7ACkAdvg8Wqi-wi2mV4dd53-JoKAAPFhe4pgDSQwP_5c9CrzbGc__TTM_HAIAAABbUgAAAAJoAQcKABf44eXzF119oFZ5FvBpB2GxIgTD45wbJ5kC1qgQnUHu3Y1NzyxWUNGPdkLvJyvhTVhTmdR24VYWgEgK76mOhGv0RyVd0Jm2uZvscI7zdvdzWZtzyF6cFU9TJBAi3_FMM6kZBZ8VVbYBHTebPWh0ocGS5RaTE77Js3qOZ56fk_jRsPOcqkdmo3DJtOw2DsLaMQ8-T01Gx0IBgBIS4yYnA50sUAG51oI14fyYSBerG5GhlC3HksSkW7toFogibbDvdYB_wls0awth38jedcvnMvgtmjieNSRUf06uDUcsqWSYiU3u3ZWgIKPxvBN_CMl2eM_XAAhwYTA2rAxQX6n4Os0F-G0C4ElERJoVxBPypER9uTA4mZjUK2IT6NKD895eakPA0l58OhlFP13eNxHokNNU3Fzfme1nmu5XhhRZerazdAnmGEuZzq2-86z-BH2icMvoOqUBqogidf9EHcSDQAZw5LUgmye7GlU70U_OVakpWfiCIW6IDXqg6bG2nZ1Qxf6o6FwVHXh-cfZHi666SIG-SPAA2lFrgE3HrSYWbnXkAHB2LnDYIJjDCWIRIcQpQ4PPCVk5jZ9-qicI7a7zJ7vKBbx-tLJ2ldZAGhbuUEhfdDhkpzyH35D-2BHEKqIIvDazFWIyAKEMKJe0iJ6fDn0ysUm_bT1k0jxixwLt_vKNqQwGWqvW3r98Dyk1HtKEeol7q-3oo-ik_WzOAk7_xiImCOJl7p6oKebT7-cvkil03Oo1izVi-mE86kJq_ZwSs2-xoDQwVgkro3L85bCgyBgT5cmd33tng-ZsM5ZyymHRljCJMoB-MdDIL5Gs90GP8SA457W3cVDI78Mkj2amlMKnTEyAx5Ky404_zoUUzUhfTh4AKmuos0Djf5JUcjDZfImRFjiCExULoNWFPmHz2GNTqBzATcBW7Z9t-Ke9wgp-JF12Sjlv3MAuFJR1E4QaYx1j9ylEPzRDMGhw4MquLHSFThCTxsAhKHxxDGBWbb44QQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://greatfon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
greatfon.com/	1969-12-31 23:59:59	Name: _inst_key Value: SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYNFRiRDB3MnY3b2RlbFFka0tWVzRjM0ZR.DqpcSzG2VnURtR-qtIx0yMBhkec8F8x2cojjXJAp2SM
.greatfon.com/	1970-01-20 14:47:57	Name: _ga_T410N8PBE5 Value: GS1.1.1660317093.1.0.1660317093.0
.greatfon.com/	1970-01-20 14:47:57	Name: _ga Value: GA1.1.1500121317.1660317093
.greatfon.com/	1970-01-20 14:33:33	Name: __gads Value: ID=c4840105f6c8a3f1-224425b1efcd00f1:T=1660317093:RT=1660317093:S=ALNI_MaNrO70A5HLgiqDEKbYRUlsddX6XA
.greatfon.com/	1970-01-20 13:57:33	Name: _ym_uid Value: 1660317094606449369
.greatfon.com/	1970-01-20 13:57:33	Name: _ym_d Value: 1660317094
.mc.yandex.com/	1970-01-20 05:11:57	Name: sync_cookie_csrf Value: 4245467632fake
.mc.yandex.ru/	1970-01-20 05:11:57	Name: sync_cookie_csrf Value: 4068460027fake
.doubleclick.net/	1970-01-20 05:12:00	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 14:33:33	Name: IDE Value: AHWqTUmnfH-rXLMl8sRVyxgWanHii_bgotiLVjYy69I3sCZuNK0Jeaz_uajq5V98
greatfon.com/	1970-01-20 14:42:11	Name: __atuvc Value: 1%7C32
greatfon.com/	1970-01-20 05:11:58	Name: __atuvs Value: 62f66da55ac0d689000
.addthis.com/	1970-01-20 14:42:11	Name: uvc Value: 1%7C32
.greatfon.com/	1970-01-20 05:13:09	Name: _ym_isad Value: 2
.yandex.com/	1970-01-20 13:57:33	Name: yandexuid Value: 9553450851660317093
.yandex.com/	1970-01-20 13:57:33	Name: yuidss Value: 9553450851660317093
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2652375851660317093
.yandex.com/	1970-01-20 14:47:57	Name: i Value: fQEOy688NyhoTxWioRhU0C823aemhUYW0Hedh/85vv8r6pDKlA4QjlgXPp1jzU8dV6ZSO4N5VnTe5s1ilNpaB6As1Gc=
.yandex.com/	1970-01-20 13:57:33	Name: ymex Value: 1691853093.yrts.1660317093#1691853093.yrtsi.1660317093
.addthis.com/	1970-01-20 14:42:11	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9728.zZ07NirfblS5gV8jzWv3U5s8KaG5RCmVb-2ObZa_D6mnoerecWyRHbmhuXQjVRnYOfiYYmpO5jD5mCEuu6nk4Q%2C%2C.uQOXUAQ3BPuQqv69MHMd4axAeUc%2C Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-public.addthis.com
cdn1.greatfon.com
cdn2.greatfon.com
cdn3.greatfon.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
greatfon.com
greatfono.com
m.addthis.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s0.2mdn.net
s7.addthis.com
tpc.googlesyndication.com
v1.addthisedge.com
widgets.pinterest.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
s7.addthis.com
142.250.186.130
151.101.128.84
2001:4860:4802:34::36
23.35.237.151
23.47.212.127
2606:4700:3032::ac43:df37
2606:4700:3033::ac43:805d
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:831::2002
2a00:1450:400e:80c::200a
2a02:6b8::1:119
0093cff7ece7313be2fc38fed099dfc56393dae35b3dc04526d3bac470544e52
037b36a07ddc797c36777d3feadab6b45f32d13d6c085c785b4fb80e3efd3600
037fc02c9d69ec3ad57760c2c7a9b12a2267699b76c8f1130d7b97618e2cee8e
038671dd5d2740ae1b4a72441be77a9675c1a471b04f2d5c8bbcb41ed1cde15f
0421ff8044885d5d76a267dbf36d6644ccc678e0407d3c76b7ac51760d50b55e
0447263bd8bbe909c2d3b4305c09a8dce8560bafa54dc86e87e76f6b59efb4cd
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
09fc02696876df4487679b89a819880821f4149cce7f47c47e57b66c4a794509
0a84fc2d4e8ee98a066b7240f571608d26b027bd9e0e663054266fb0bd5dcdf3
0fa48a20ab102cde2d0b05850f002331eea9b8f324e512dca6e10f9ffd5c838c
10878b62413b9004a5b44404baadf4cbe15fa176d14f57840b8b21bd94099bbb
11663ac5802911d1deaa883a660356e189f99bc25e3f4074d2b48d4b4050cb2c
12b0b7427ae5a374ad9f590bc7f9076b36b8b4fcf94001240db97279bd2804a9
12eb5706271e7adb3182aa445fb57629efd4e9d71ece01c81a75628616673ffc
178501d32da7a30c771bf8b32ad2fc34bc2ed09cb86c5a26e93228cb56e28e4e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185951434f2feca394fed049a79f9dab3f4b1d26899bc9fd8564533bad1f2f0b
195f5e557cb0e071f18fb2bf1ee91ed84d01194b2ccbf2476dcf3d5c778927cd
1a8ba831918700995ab8ea62eee8399aa455f08c5ff6ffff2f4e1d4cbde572b9
1e7c1f38cf924d6d50a39317a15eda5cbdd56d8b38c17ee3941db2c705548587
1f2e000a6d137f791ea8b531d81cf2414d194183b7a29c7598ce2f8dd82e6b9f
1fcb35b7c56569a8c80072b52eacaef10e50397ad20a16d31c07bf2fba6c5fbc
2560bac5c989f6f72d591f2e3d096b8a5ab826d1f4aa22f73f835e495f581071
25eb3ae86baacff01b721744c44ff77aebd94ba45d8761a4f9dcab85d1b2ea4b
2a1df5cccb64a9c28aa931724aca3f8e9c8b77d49fb68a1f616f53ca10319484
2ac0134857c222602962f27711eea513d9a8de11f53ee3398e7ca5f22aa3c68d
2b9c0914d8f3f0aa6cf86705df70b7b21e9ca2f9013a346463788e7cebd0158f
2cb333b33a7efe72a8b348ad848df3b89b19a9af9696275f0c6b8f3979963e00
35ca071e57a9e3c1709ede383c995cb8fd5f345be18aa4884b3dc11fe79abbc3
3a2400dbbf11e0230a5d056fc07c0b9ba0b852616acc58e1de3deddbb74ed30a
3a5cce54f2c3b044db710426b1095c1e7c5c86d6eb8b7fef7fa9ab31792db96c
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
41d5a7cfebbf5af026b61d098d3ee4599ac824853f84cf35304f349feb0941e3
43a39adfe946290d7127f4d02923cef4224e4a65c6eeb933f950797870a630b2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46364d1605149d118d8cc0603e230c5c9dbc2726fdd4d07d5976a52fcd1b5ee1
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
495e1e20c248f4dbaf185f777345325da4f126c5d6c556bfd3ca1ab9f6f04f05
4c7f7c850a4a3056acb7a5abc150b0962baf8a147ed0b582dc669bfa593177ee
4cc460dfb3694d06cb44096bf340c45e3963093ca514b3cc9c89a9918cc2deec
4cf1c01f168727d86a7235b34250747a9504c41463c32f996735264aac644638
4f658e1ff72ceb00a9560c77dd907afa018140dfc17ba07819009cb482da1af0
503ab58efbe34abb6afd3fcdd35cd733140423e36080570f36cc895721e4e3a0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56701d49dc258f76133960b0de9f9f4647befbc33decf8cd99a293e045226217
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
589d0f9f04b4d572e83fc050f422e173a5cc50da6690d850185ba99c75093efc
5de71c9dc0b1f50e65a29dc3a434dc4e32fa7a2ed8579f21b8154401066fe4e5
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61b7a7db687f29a665fed5ea6eba6461e7ee023360b9ce87c645897e2847e3ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e5c3d24cc34683b363aa09f841cb82dec2687ed79927acd43c015b82864ea5
62946db25d6f2978963772a960d09b8c6d39b5f36db69134746e4bb431b9c958
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a5b58708add037bc4f76c06adb1df403a21db557ae3b255bafc8166008d2164
6cc0d0b5a2f46a406f09075f0481544daa824e94846326a7d81f9af78a6f0e6c
7003f7bf298efaec9faac6889b4bf43eb196448f8d90a306a2d74a139bd89bc4
700b07ed405957601fb4209d64a7968949fbf774be461af86041b24819fb32f1
749b6261f109108d21cb0e7043f83ff0d94a46c1dd8dad8965e6794fd345d238
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c90111dcac715edad1e68fcad7f06b6cb1f42abc163c232841df09f7d83ad69
7c972f6c010dc2fe7383c681689682a4210ac4e9f3f207d48da0a2e307bbfbfe
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83c155b0ff02a1f63422b01ced6d46c441870f5820f0239a291a096fc2674b51
857709225bb07f59a910a8c4ee3d74775af7ec5b0db12418bdf3e55bce98f658
8a20ce5caeb1ca6d4aa5d96a86f775aff114ba2e37c7ff314db3047f1c47b49f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec928cd9a0b17c0e5e9b3ce8407f9218abf5ea5081e21c8ddc3eea40d63b261
945bdb0102e4b4015a28140b698a20db7a2c5e3dbc1615f72a44ccf06e5963e7
97ccef691698fc301c0baca42fea6b1e20679280058c36db71b45fbaf41840ad
9d51192c73c7207f7f8cfd09066c6e759683fed112da2f92dc12e671c7f3b390
9da0600a3bb70e96cf35a78518b4f2f1b33fc7de8fb45cd73b22cb11a6af8cb2
9e0c3b4d653cf493f337abdcbfe746278f26282e0cd2517db142223805f6ac5d
a3cb59528b863da8d18d3da15e14d68c0708d272732dae63fccf17121ed578f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8037feb833cd07ee4d9ab6e0ed008e74fb1451afa0de1d99859fdf88510581d
a82c8f8c9ee902131a71c2c211358fecd60e972cb0db459d07dab8a98a6d07fe
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
abff583ffce9d7339c63fdb0bbb0de14f0c0d9162c5c9d1cc8b3b8440f9f0350
ac9a1598afbdc48a8352e3887f48e85e407c048d0eb6bc684ac8acbf67c191f0
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad9cc0978725cecafb0fb36fe45d4eeeb7510d7971c13f40f9e7a3e3d067ab9a
afe127d7dcc1a2639dba451464b278ef37ae8dc4db5584fd5f3acc613a1579dc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b50fd7a57d96d6aedd0401307da289576a52ae1d30728595530f811163f9054d
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bc6d84b1934f70bb7303bfa08bc67343575f130ef551fc0f3b39d31d9e73de0d
c2e9d3155ec7942ef839bd442c1ef4befcd4553377e6b0436e02ca5dbd9f0267
cd0a1a7809246df79a2925f6eeca126c04d2b40c811cc7ac7486370de3c5d3df
d0bfb9c7c02796b01f4c33d42417211381e704e986e5cb7a98a6945905ac6a57
d28d6cdb39560d8b1c59405d7f04eb09ea39d84f47b07d3fb4deaae56eefbc18
d5b3498c2b18e370c3595a46588e61343acc9245ad37988dbfead1924f8c4103
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
ddfa26268857f8508f52bfb17625720b819bd4898aea886fe9029d38259eec10
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6798303e2e402fefdfd1813956fa66535060c03ad901417ae505dd5c9b5a4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04d8c4c5ce99695dbcc0198f8565ae85fe0cfd1b933c95d6931627a23263e7f
f089e78b38cb379d1e49fbe6fa66fc704eef6960915bb0989046f0695707449f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7fc436bff1f8d32981644a161e9a00538a890730d1c5a1dd10fae9487e9ce66

greatfon.com Open in urlscan Pro 2606:4700:3032::ac43:df37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

97 %HTTPS

79 %IPv6

19 Domains

26 Subdomains

19 IPs

5 Countries

1773 kBTransfer

3662 kBSize

20 Cookies

1 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

greatfon.com Open in urlscan Pro
2606:4700:3032::ac43:df37 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

97 %
HTTPS

79 %
IPv6

19
Domains

26
Subdomains

19
IPs

5
Countries

1773 kB
Transfer

3662 kB
Size

20
Cookies

119 HTTP transactions
2 data transactions